Advertisement

Computer network ‘disruption’ forces Honda to cancel some production

Honda IT personnel are still working the incident. Outside analysts suspect ransomware.
honda ransomware
Cybersecurity researchers said that malicious software samples associated with the incident suggested a ransomware attack had occurred at Honda. (Getty Images)

A “disruption” to Japanese carmaker Honda’s computer network forced the company to cancel some production operations on Monday, according to a company spokesperson.

The incident occurred Sunday and Honda’s IT personnel are still responding to the situation, Honda spokesman Chris Abbruzzese told CyberScoop. He declined to answer questions on the cause of the incident or where it was affecting the company geographically. But another statement from Honda to the BBC said the incident has “also [had] an impact on production systems outside of Japan.”

Cybersecurity researchers said that malicious software samples associated with the incident suggested a ransomware attack had occurred.

Vitali Kremez, a strategic adviser to cybersecurity company SentinelOne, said he suspected a strain of ransomware known as Snake or EKANS was the cause of the incident. The ransomware appears to have been coded to check that it was on Honda’s networks before executing, Kremez said. EKANS ransomware emerged last December and is known for being used in attacks on industrial companies.

Advertisement

It is unclear who is behind the malware.

This would not be Honda’s first experience with a significant ransomware infection. The global outbreak of the WannaCry ransomware in 2017 halted production at a Honda plant in Japan.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts