Toyota Shuts Down Due to Cyberattack
This week, Toyota supplier Kojima Industries, which provides plastic parts and electronic components to the auto giant, was affected by a cyberattack. That caused Toyota to temporarily shut down operations.
On Feb. 26, Kojima discovered an abnormality on one of its file servers. After rebooting the system, the abnormality was confirmed to be a virus and it included a threatening message. Full details of the attack are still emerging.
After learning of the disruption, Toyota suspended operations of 28 lines at 14 different plants in Japan to prevent further damage.
Jeannie Warner is Exabeam‘s director of product marketing.
“Toyota reports roughly 400 tier-1 suppliers who are directly connected to Toyota’s Kanban production (inventory) control system,” she said. “Whether or not the attack on Kojima was motivated by geopolitical events remains to be seen. But Toyota’s response to the threat set the precedent on how companies should be acting in the event of a security incident with one of their partners in the supply chain. Toyota did the smart thing and shut down, and investigated its network to examine all connection points. The truth is that a network is only as secure as its patch level combined with what network access it has provided to various systems. Subcontractors in the supply chain may not have all of the resources of their larger counterparts to defend against attacks.”
The details surrounding the attack are still unclear, Warner said. However, Kojima has reported key signs of ransomware.
“If indeed the attack was ransomware deployed by nation-state actors, Toyota’s response demonstrated a valuable point,” she said. “Our greatest hope in defeating highly coordinated cyber threats is to become united in fending off multifaceted attacks. Toyota’s insight into the disruption on Kojima likely prevented more devastating consequences. I’m pleased to see organizations working together to mobilize against cyber adversaries across supply chains.”
