IOTW: Car production halted by Toyota after suspected cyber-attack
Supplier to Japanese car manufacturer experienced a system failure as a result of a presumed malware attack
Add bookmark
One of Toyota Japan’s suppliers was hit by a cyber-attack which led to the suspension of production from 28 February and resuming on 2 March.
First reported by the Nikkei Asia news agency, the cyber-attack affected Kojima Industries which manufactures both interior and exterior car parts and is a part of Toyota’s just-in-time supply chain in Japan.
The issue resulted in 14 plants and 28 production lines being suspended. Plants outside of Japan have not been affected.
In a statement on 1 March 2022, Toyota said: “We would like to apologize again to our customers, suppliers, and other related parties for any inconvenience caused by today's sudden shutdown.”
The car manufacturer has not provided any public statement on the nature of the “system failure”. Nikkei Asia reported that Kojima Industries said it was investigating the origin of the attack and the specific malware involved.
Malware in Japan
While the type of malware used in the attack has not been confirmed, just days before the Toyota incident the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) released an alert regarding the re-emergence of Emotet Malware infection activities.
The alert, last updated on 25 February, said the number of reports regarding the Emotet Malware had increased “in particular since the first week of February 2022”.
“Emotet has been observed since late November 2021 and is mainly distributed through emails as an Excel or Word file with macros (or as a password protected Zip folder containing such a file). Enabling the macro after opening the file leads to the infection of Emotet,” the JPCERT/CC alert explains.
External party risk
Car manufactures are one of many groups heavily reliant on third-party vendors, which makes it critical that organizations have a good grip on how to manage the security and risk of each external party.
Ahead of CS Hub’s Third Party Risk Management Digital Summit, Robin Smith, head of cyber and information security at Aston Martin Lagonda in the UK, spoke to CS Hub about implementing a cyber threat intelligence management (CTIM) model that can be used to understand risk intelligence within an organization’s supply chain.
He highlighted that forecasting and evidence-based responses are key to any organization’s ability to plan third-party risk and direct resources to the correct areas.
