Honda reportedly has been forced to shut down some of its plants around the world following a cyberattack of unknown origin.
Honda’s auto plants in Ohio (United States) and Turkey, along with a couple of motorcycle plants in South America and India, halted production after a cyberattack hit the infrastructure. The company has yet to say why the type of cyberattack was responsible for the shutdown, only that they are working to fix the situation.
This is not the first time cyberattack to seriously affect Honda. In 2017, it was one of many companies that fell prey to the WannaCry ransomware. According to a report from Bleeping Computer, the latest information indicates that another ransomware is to blame, but this time it’s Snake (EKANS).
An analysis from milkream supports the idea that Honda might be victim of another ransomware attack. Someone from the mds.honda.com domain checked a sample of the ransomware on Virustotal. While it’s not definitive proof, milkream also posted the alleged ransom note.
The disruption of the company’s operations comes at a very early stage in the restart operations. Much of Honda’s production was shut down during the COVID-19 pandemic, and it’s just starting back up. Moreover, some plants have yet to open, and now, with the cyberattack to deal with, it will take a while for the company to resume normal production.
Ransomware attacks are surging in 2020, with many groups employing new tactics, such as stealing private data before encrypting the systems and using that information to blackmail victims. The latest reports from Honda don’t indicate any kind of data exfiltration or that private data was accessed from the outside, but it’s still early in the investigation.