Honda halts production at some plants after being hit by a cyberattack
Security researchers suspect outage is the result of a ransomware infection. …
reader comments
10 with 8 posters participating
Honda halted manufacturing at some of its plants around the world on Tuesday after being hit by a cyberattack that’s widely reported to be ransomware.
“Honda has experienced a cyberattack that has affected production operations at some US plants,” the automaker told Ars. “However, there is no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio.”
Bloomberg News reported on Tuesday evening that production was suspended at car factories in Ohio and Turkey as well as at motorcycle plants in India and South America. The company, according to Bloomberg, was working to fix systems. The news outlet also said that Japanese operations weren’t affected and that other Honda plants in the United States have already resumed manufacturing.
As Bleeping Computer reported earlier, the outage came to light around the same time that a security researcher using the Twitter handle milkream posted a link to VirusTotal. It showed someone had recently submitted a sample of the Snake ransomware malware that checked for the subdomain mds.honda.com.
While DNS records show that the address isn’t reachable on the Internet, researchers presume it’s a network name that’s reachable only inside of Honda’s internal network. Frequently, researchers say, ransomware is programmed to lock data belonging to a specific target. The speculation is the reference to mds.honda.com was a mechanism to prevent the inadvertent encrypting of data outside of Honda corporate network. If correct, it wouldn’t be the first
Continue reading – Article source
