adimas - Fotolia

Applus inspection systems still down following malware attack

Applus Technologies said it stopped a malware attack two weeks ago, but systems are still down as eight states are forced to extend vehicle inspection dates.

Applus Technologies was hit by a malware attack last month that caused a system outage for vehicle inspection systems in eight states. But more than two weeks later, the disruption continues.

In a statement on its website, Applus said it detected and stopped a malware attack on March 30. In response, the company, which provides testing equipment to thousands of inspection stations in Massachusetts alone, locked down its entire system. Since the incident, the Massachusetts Registry of Motor Vehicles (RMV) has extended deadlines for motor vehicle inspection stickers, a service which the Applus statement referred to as only "temporarily interrupted."

Although Applus said it "detected and stopped" the malware attack, it appears systems are still down as vehicle inspections continue to be postponed. The company said it contacted the FBI and is working with a team of independent forensic investigations on incident response and recovery.

Further details of the attack, such as the type of malware and its impact, have not been revealed. Applus has not provided an update since the initial statement, which said it was unable to provide a recovery timetable.

"We do know it will not be a matter of hours or days," the statement said.

Additionally, Applus said it has not determined the scope of the attack or whether any personal information has been compromised. The company said the attack did not cause a nationwide outage and that disruption was limited to eight states, though Applus has not explained why those states were affected.

In a statement on March 31, Darrin Greene, CEO of the U.S. entity of Applus Technologies, said "Unfortunately, incidents such as this are fairly common and no one is immune."

Applus did not respond to requests for comment.

The RMV released its own statement Tuesday extending the grace period for March and April inspections through May 31, "in light of the outage caused by a malware attack against Applus." They are working with the Executive Office of Public Safety and Security, the Massachusetts Chiefs of Police Association and the Massachusetts State Police to mitigate the impacts of the outage.

"The RMV will hold the vendor accountable for this disruption and is working with Applus to restore services as soon as possible. Applus has indicated that their systems will be operating by Saturday, April 17th in Massachusetts and the Registry will continue working with the vendor to meet this goal," the statement said.

According to the statement, the outage has had a significant impact on the businesses that deliver vehicle inspection services.

SearchSecurity contacted the Massachusetts RMV for an update on the outage and the presumed restoration date. The RMV declined to comment about a timeline for restoration but said it is "in daily communication with the vendor."

Next Steps

Beware of proxyware: Connection-sharing services pose major risks

Dig Deeper on Security operations and management