Article written by:
Doug Davidson, CISA
Director of Information Technology Services
Various Japanese news media have reported that Honda’s computer network system suffered a cyberattack around 8 PM EDT, Sunday, June 7th, resulting in closed production facilities in North America, Turkey, India and Brazil. Several operations in North America resumed operations on Tuesday, June 9th.
Based on news reports, a Honda company server (or servers) was infected by a form of ransomware that targets industrial control systems, locks them to prevent their use, and then demands payment to open them up again. The attack appears to have specifically targeted Honda and was intentionally launched over the weekend – a time when security staffing is typically reduced.
Firms within the Honda supply chain have contacted the GBQ IT Services team regarding concerns of their potential vulnerability to this kind of attack.
We wanted to raise your awareness of the issue and offer our assistance if you have similar concerns.
If a firm is uncertain about its ability to protect against ransomware, a security assessment focused on that concern should be conducted. In our experience, most security assessments focus on information technology – the computers that run our office operations – rather than operational technologies – those systems that run industrial control systems and other factory floor equipment.
GBQ IT Services recommends:
- Assessing the ability of implemented security controls to prevent unauthorized access to your firm’s industrial control systems and the systems that manage them.
- Reviewing security controls and disaster recovery processes to ensure you are covered to prevent, detect, respond and recover from ransomware.
- Reviewing the incident response plan to ensure key employees know what actions to take should an attack be detected.
- Speaking with your insurance broker to understand how your current insurance covers for interruptions from such attacks.
As this was a targeted attack against Honda, there is a raised likelihood of Honda suppliers being targeted as well.
GBQ IT Services is experienced at conducting security assessments in manufacturing environments, in addition to assisting firms in responding and recovering from ransomware attacks.
For more information or assistance with cybersecurity issues, please contact Doug Davidson, Director of Information Technology Services.