Honda global operations halted by ransomware attack

by
Zack Whittaker
from Crunch Hype on (#54G9H)

Honda has confirmed a cyberattack that brought parts of its global operations to a standstill.

The company said in a brief statement Tuesday that the attack caused production issues outside of its headquarters in Japan. Work is being undertaken to minimize the impact and to restore full functionality of production, sales, and development activities," according to the BBC.

It follows a tweet from the company, now pinned to the top of its Twitter feed, stating that its customer service and financial services are unavailable" due to the attack.

At this time Honda Customer Service and Honda Financial Services are experiencing technical difficulties and are unavailable. We are working to resolve the issue as quickly as possible. We apologize for the inconvenience and thank you for your patience and understanding.

- Honda Automobile Customer Service (@HondaCustSvc) June 8, 2020

Honda is one of the largest vehicle manufacturers in the world, employing more than 200,000 staff, with factories in the U.K., North America, and Europe.

Details of the attack are slim but an earlier report suggests that the Snake ransomware is the likely culprit. Snake, like other file-encrypting malware, scrambles files and documents and holds them hostage for a ransom, expected to be paid in cryptocurrency. But Honda said there was no evidence to suggest that data had been exfiltrated, a common tactic used by newer forms of ransomware.

The company said that affected factories and plants are expected to be brought back online as early as today.

Brett Callow, a threat analyst at security firm Emsisoft, said a sample of the file-encrypting malware was uploaded to VirusTotal, a malware analysis service, referencing an internal Honda subdomain, mds.honda.com.

The ransomware will only encrypt files on systems capable of resolving this domain but, as the domain does not exist on the clear net, most systems would not be able to resolve it. mds.honda.com may well exist on the internal nameserver used by Honda's intranet, so this is a fairly solid indicator that Honda was indeed hit by Snake," said Callow.

Honda finds itself in similar company to IT giant Cognizant, cyber insurer Chubb, and defense contractor CPI, all of which were hit by ransomware this year.

As ransomware gets craftier, companies must start thinking creatively

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=04M0-gG_ymg:SuAg5cSK7nI:-BT Techcrunch?i=04M0-gG_ymg:SuAg5cSK7nI:D7D Techcrunch?d=qj6IDK7rITs04M0-gG_ymg
External Content
Source RSS or Atom Feed
Feed Location http://feeds.feedburner.com/TechCrunch/
Feed Title Crunch Hype
Feed Link https://techncruncher.blogspot.com/
Reply 0 comments