Ransomware halts Honda's automotive production

[TempestCatto]

Quote

Honda’s auto plants in Ohio (United States) and Turkey, along with a couple of motorcycle plants in South America and India, halted production after a cyberattack hit the infrastructure. The company has yet to say why the type of cyberattack was responsible for the shutdown, only that they are working to fix the situation.

Anything can happen. Bet someone on the IT staff let their guard down a little and clicked on something sketchy.

 

Quote

An analysis from milkream supports the idea that Honda might be victim of another ransomware attack. Someone from the mds.honda.com domain checked a sample of the ransomware on Virustotal. While it’s not definitive proof, milkream also posted the alleged ransom note.

 

From milkream's Twitter post:

 

 

Quote

Ransomware attacks are surging in 2020, with many groups employing new tactics, such as stealing private data before encrypting the systems and using that information to blackmail victims. The latest reports from Honda don’t indicate any kind of data exfiltration or that private data was accessed from the outside, but it’s still early in the investigation.

Perhaps the ransomers are bluffing. Who knows.

 

But it's possible data recovery can be performed to resurrect whatever data was locked out. I also wonder if the data that's been locked out isn't something to do with designs for the cars, like instruction sets for the line machines and such.

 

 

Horseradish: https://hotforsecurity.bitdefender.com/blog/honda-car-and-motorcycle-production-halted-after-cyberattack-23481.html

 

This tech news post is sponsored by PIA! PIA Private Internet Access, allows you to brows the web autonomously and safely, using military grade encryption, kill switch, multi device support and more. Go to privateinternetacces.com/linus and get protected today!

[mr moose]

And this is why products are more expensive than they need to be.  Companies have to invest more in mitigating these attacks and when they fail they lose time and money fixing them or paying them.  

[PlayStation 2]

>Ohio

>

 

And nothing of value was lost.

[spartaman64]

they reminded them to get better cybersecurity afterwards how thoughtful of the hackers

[HarryNyquist]

The delay is probably them going to get their offsite backups to wipe/restore (if they're smart). It's unlikely that a company as large as Honda would not have things backed up for such a disruption.

 

Also maybe if companies would take their security people seriously this shit wouldn't happen but hey that's just me

[Lurick]

Just now, HarryNyquist said:

Also maybe if companies would take their security people seriously this shit wouldn't happen but hey that's just me

You mean investing the $5 from the vending machine for the entire company's security isn't a smart move?

 

I completely agree, so many companies ignore security because they feel it's either cheaper to pay the attackers or they have insurance that pays to fix it all.

[Trik'Stari]

I wonder what the chances are of this being a State actor targeting American manufacturing?

 

I have a specific State in mind, although I won't say which one. You'll probably guess it in one try.

[Lurick]

Just now, Trik'Stari said:

I wonder what the chances are of this being a State actor targeting American manufacturing?

 

I have a specific State in mind, although I won't say which one. You'll probably guess it in one try.

Antarctica?

[Trik'Stari]

15 minutes ago, Lurick said:

Antarctica?

Yes. Damned penguins and their communi.... I mean ice.

 

......

 

16 minutes ago, Lurick said:

You mean investing the $5 from the vending machine for the entire company's security isn't a smart move?

 

I completely agree, so many companies ignore security because they feel it's either cheaper to pay the attackers or they have insurance that pays to fix it all.

You have no idea how accurate this is. I'm aware of a place right now that.... let's just say their services probably cost $500/hr (I'm guessing) that has the kind of security doors that can be gotten past with a can of air, or a vape device. I don't even think they're aware of it.

 

And I only know that trick from watching Defcon videos on Youtube. I have an AS in Network Security, but I also happen to know that physical access trumps almost everything.

[WihGlah]

Honda backup daily. They will have everything back without paying by the end of the week.

[Trik'Stari]

34 minutes ago, WihGlah said:

Honda backup daily. They will have everything back without paying by the end of the week.

Honestly that's what I would expect of them, a week for recovery if not less.

 

I'm seriously surprised that so many companies don't have recovery in place for this, that is faster acting. Considering the lengths some companies will go to, in order to combat things like piracy, you'd think that they would look at ransomware and say "yeah no, let's make sure this never (happens again, or happens to us when it has happened to someone else)."

 

Sure, it's a cost that doesn't net profit, but it's a cost that prevents an even worse cost down the line. Because sure you might have security and MAYBE you can just pay the ransom, but it definitely tarnishes your image as a company, nevermind the possibility of litigation from customers and or business partners for damage if their information is stolen.