Skip to main content
close search
site logo
Dive Brief

Honda resumes most operations after cyberattack

Published June 9, 2020
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Honda

Dive Brief:

  • Honda's customer and financial services were disrupted Monday following a cyberattack, according to a company announcement and spokesperson. The malware spread throughout the company's networks, though, Honda said no data was compromised. 
  • Honda "resumed production in most plants," a company spokesperson told CIO Dive Tuesday. The company had suspended operations at plants in the United Kingdom, North America, Turkey, Italy and Japan, according to the BBC
  • The company is working to "return to production" in its Ohio auto and engine plants, according to the spokesperson. The cyberattack initially rendered Honda's computer servers, email and other internal systems inaccessible, reported BBC. 

Dive Insight:

While Honda's internal investigation and remediation is ongoing, cybersecurity professionals are speculating the attack was ransomware, reported Bleeping Computer

Security researchers found evidence Snake "checks for the internal Honda network name of '"mds.honda.com,'" according to the report. When the ransomware cannot "resolve" the indicated domain, the ransomware is terminated without file encryption.

Snake relies on targets to ask for the decryption key from its operators. The ransomware is written in Golang and "uses a high level of obfuscation," according to McAfee. The ransomware "kills" processes linked to supervisory control and data acquisition and industrial control systems. 

"Given that many operations are shut down, but no data was stolen, ransomware is the most obvious culprit," said Paul Bischoff, privacy advocate with Comparitech, in an email to CIO Dive. If Honda has reliable backup systems, the downtime will be minimal.  

"Honda is a huge company, though, so any downtime incurs large losses even if the company chooses not to pay the ransom," Bischoff said.  

With offices globally, some of the company's workforce — upwards of 219,000 employees — went remote, which could "negatively affect our business, particularly if our infrastructure and information technology systems are not capable of supporting" the workforce, according to Honda's latest SEC filing

As ransomware circulates, Honda's cyberattack could be the latest linked to supply chain-style attacks. Honda manufactures cars as well as generators and equipment for specific industries.  

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Cosentino Drives Business Transformation with AI Powered by Celonis Process Intelligence
From Celonis
October 23, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell