Honda halts production at some plants after being hit by a cyberattack
Honda halted manufacturing at some of its plants around the world on Tuesday after being hit by a cyberattack thats widely reported to be ransomware.
“Honda has experienced a cyberattack that has affected production operations at some US plants,” the automaker told Ars. “However, there is no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio.”
Bloomberg News reported on Tuesday evening that production was suspended at car factories in Ohio and Turkey as well as at motorcycle plants in India and South America. The company, according to Bloomberg, was working to fix systems. The news outlet also said that Japanese operations werent affected and that other Honda plants in the United States have already resumed manufacturing.
As Bleeping Computer reported earlier, the outage came to light around the same time that a security researcher using the Twitter handle milkream posted a link to VirusTotal. It showed someone had recently submitted a sample of the Snake ransomware malware that checked for the subdomain mds.honda.com.
While DNS records show that the address isnt reachable on the Internet, researchers presume its a network name thats reachable only inside of Hondas internal network. Frequently, researchers say, ransomware is programmed to lock data belonging to a specific target. The speculation is the reference to mds.honda.com was a mechanism to prevent the inadvertent encrypting of data outside of Honda corporate network. If correct, it wouldn't be the first time Honda has paused production as a result of a ransomware infection. In 2017, the car manufacturer shut a plant in Japan after reportedly finding evidence the WannaCry ransomware worm infected parts of its network.
Ransomware attacks have grown to become one of the Internets top malware scourges. In the first five months of this year, there have been 74 distinct attacks, according to Read More – Source