ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintSite TitleTitle ChevronIcon Twitter
Technology

Honda likely singled out in cyberattack that halted factories

Hacking sounds alarm on targeted ransomware

Honda's assembly plant in Turkey was among those affected by the cyberattack. (Photo by Akihiro Sano)

TOKYO -- Honda Motor was likely specifically targeted by the malware that brought several plants to a halt this month as sophisticated cyberattacks further highlight the need for organizations to protect themselves.

The company's network came under a file-encrypting ransomware attack June 8, disrupting production at nine factories in the U.S. and elsewhere. Essential systems, as well as internal email, were rendered unusable.

The ransomware suspected of hitting Honda mentioned an in-house domain -- or internet address -- according to Takashi Yoshikawa of Mitsui Bussan Secure Directions, a unit of trading house Mitsui & Co.

"The malware was made to encrypt files and demand a ransom only in Honda's internal environment," Yoshikawa said after analyzing the software, suspected to be Snake.

The attack impacted servers to facilitate encrypting data on a wide range of terminals. Specific conditions were set so that the ransom note would be displayed only to IT managers. The note found in the analysis said files could be restored only through buying a tool for an unnamed price.

Honda declined to comment on the attack. But a sample of what may have been the malware was anonymously uploaded to VirusTotal, a malware-scanning website used by cybersecurity experts.

In 2017, the Japanese automaker's Sayama factory in a Tokyo suburb went offline after an attack by the WannaCry ransomware. While that malware indiscriminately impacted organizations around the world, the latest attack likely had set its sights on the carmaker.

"Attacks tailored to target entities, complete with advance scouting, are on the rise," Yoshikawa said.

The Snake malware suspected to have been used on Honda also attacked Germany-based hospital operator Fresenius this May, impacting its hospitals as well as medical device manufacturing and sales. Patient data was compromised as well.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Get Unlimited access

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends July 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to the Nikkei Asian Review has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media