Honda Plant Shut Down by Ransomware Attack

Honda was recently forced to stop production at its Sayama, Japan plant after its network was infected with WannaCry ransomware, Reuters reports.

The plant, which produces 1,000 vehicles a day, halted production on Monday of last week, and didn’t resume production until the following day.

Honda isn’t alone in facing these challenges — according to Reuters, competitors Nissan and Renault also stopped production at plants in Japan, Britain, France, Romania and India last month due to WannaCry attacks.

Webroot senior threat research analyst Tyler Moffitt told eSecurity Planet by email that the attack should serve as a reminder that even if your business wasn’t hit during the initial WannaCry outbreak, you may well still be vulnerable. “We recommend that you revisit your security patches immediately and ensure that all of your networked computers can connect to kill switches,” he said.

Defeating WannaCry Attacks

Tripwire senior systems engineer Paul Norris said by email that all companies need to take action to protect themselves against WannaCry. “Effective measures in defeating these sorts of attacks include implementing an effective email filtering solution that is capable of scanning content on emails, hazardous attachments and general content for untrusted URLs,” he said. “Another option would be to better educate the workforce on how to recognize a suspicious email from unknown senders, knowing not to click an untrusted URL, as well as not opening an unexpected attachment.”

And RiskVision CEO Joe Fantuzzi said the Honda plant shutdown is indicative of the growing risks in the manufacturing industry. “While manufacturing hasn’t experienced the same attention as other sectors in regards to emerging ransomware trends, it’s now clear that WannaCry and other advanced threats pose severe and crippling risks to this sector, which among other things can halt production, expose blueprints and intellectual property, aid competitors and decimate profit margins, while taking weeks or months to be fully remediated,” he said.

“What’s more, manufacturing isn’t beholden to the same security and compliance standards as healthcare, financial services and other market verticals, making enforcement of consistent security standards even more difficult,” Fantuzzi added. “Consequently, it’s imperative that manufacturers categorize assets in terms of business criticality to see where their most important vulnerabilities reside, because taking the initiative to find and prioritize critical vulnerabilities is a small investment in comparison to the long-term damage that could result if these vulnerabilities are ever found by cybercriminals and exploited.”

Preventative Steps to Take

Still, a Sikich LLP survey last year found that just 33 percent of manufacturers perform annual penetration testing.

“Warding off cyber threats, including cyber espionage, is a top corporate priority across industries, but manufacturers and distributors need to do much more to protect their patents, designs and formulas, as well as their private company and employee information,” Jim Wagner, partner-in-charge of Sikich’s manufacturing and distribution practice, said in a statement. “Companies need to proactively assess their risk profile and take the necessary steps to address weaknesses.”

To mitigate cyber attacks, the Sikich report advises manufacturers to take the following key steps:

  • Conduct an annual IT risk assessment to properly understand where threats are originating from
  • Perform annual penetration tests to simulate the threat of someone trying to break into their organization’s network
  • Conduct ongoing vulnerability scanning throughout the year to help the organization stay up to date with new threats
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Top Cybersecurity Companies

Related articles