Cyber Attack Forces Vehicle Emissions Testing Company to Halt Operations in 8 States

Malware has wreaked havoc on emissions testing processes, causing states like Massachusetts to extend inspection deadlines.

byRob Stumpf|
Car Tech photo


The majority of states require drivers to have their vehicles inspected for both safety and emissions on some sort of regular schedule. For many, this means a once-a-year trip to a dealership or independent garage to ensure that the vehicle meets the minimum requirements for road use.

Now, imagine taking time off work so you can make it to your scheduled inspection appointment on the very last day of the month, only to be told that your inspection couldn't be performed due to a computer problem. That's the exact scenario drivers have found themselves in after a Wisconsin-based emissions testing provider used by many garages found itself at the center of a cyberattack that halted all emissions testing in eight states.

AP Photo/Nick Ut

Applus Technologies reported last week that it had become the victim of a "malware attack" which it detected and isolated on March 30. The attack, while stopped in its tracks, still hampered testing, leaving thousands of drivers unable to have their vehicle inspected to ensure roadworthiness. As of right now, Applus doesn't have a timetable for when all of its services will be back online.

When a vehicle inspection is performed, a technician checks certain physical attributes of your car, like tire tread depth and brake pad thickness. These are tasks that have to be completed by hand. Areas related to emissions components also require vehicles to be tested by plugging a computer into an onboard diagnostic port in order for certain tests to be run. And because emissions tests are state-regulated, many states have a standardized procedure or service provider to ensure that they're completed to meet specific criteria.

Inspection stations in Connecticut, Georgia, Idaho, Illinois, Massachusetts, New York, Texas, and Utah have all reportedly been affected by the Applus breach to varying degrees, according to The Salem News.

"Unfortunately, incidents such as this are fairly common and no one is immune," reads a statement by Applus Technologies CEO Darrin Greene. "We apologize for any inconvenience this incident may cause. We know our customers and many vehicle owners rely on our technology and we are committed to restoring normal operations as quickly as possible."

Information from Applus has been unclear regarding the type of attack or motive, if any, from the threat actors. It's not presently clear if any personal information was exfiltrated during the attack, or if culprits are demanding any sort of monetary payoff (like a ransomware attack).

The Massachusetts Registry of Motor Vehicles has acknowledged the attack's impact on the ability of drivers to obtain a vehicle inspection. It released a statement on the matter which grants an extension for inspection stickers expiring in March 2021. The RMV notes on Twitter that the extension will not be granted for vehicles with inspection stickers that expired in February 2021 or earlier because "inspections stations were open and available for the month of February."

Not all states were affected the same, either. For example—Georgia has effectively resumed testing according to a local Fox affiliate, while others remain unable to restart.

Applus says that it cannot provide a timeline for service restoration, but it's working closely with independent forensic teams to ensure that the system is free from malware before it's brought back online.

Got a tip or question for the author? You can reach them here:

Car Tech