Honda Rebounds From Cyber Attack; So, What Happened?

honda rebounds from cyber attack so what happened

Struck by a cyber attack on its global computer network that temporarily knocked out a few factories and most of its customer service centers, Honda is reporting that things are gradually returning to normal.

“Work is being undertaken to minimize the impact and to restore full functionality of production, sales and development activities,” the company said in a statement earlier this week.

Impacted facilities are supposedly already in decent shape, and the business hopes to move past this in short order. But what actually happened?

According to the informed nerds at Tech Crunch, Honda was made subject to “Snake ransomware.” The file-encrypting malware basically jumbles all the data on a network (or access to it) so it cannot be used by its owner and can be rescinded after the criminals are paid off — usually with digital currencies. Honda said that it doesn’t believe any files were pulled but its network had been held for ransom by unsavory actors. It also admitted that it didn’t have all the answers just yet.

Factories, including the plant in Marysville, Ohio, are said to be resuming operations today or tomorrow. Customer service is still reporting issues, however. There are also lingering concerns from experts that the corporation could be vulnerable to subsequent attacks until a rigorous investigation has been completed.

From Tech Crunch:

Brett Callow, a threat analyst at security firm Emsisoft, said a sample of the file-encrypting malware was uploaded to VirusTotal, a malware analysis service, referencing an internal Honda subdomain, mds.honda.com.

“The ransomware will only encrypt files on systems capable of resolving this domain but, as the domain does not exist on the clear net, most systems would not be able to resolve it. mds.honda.com may well exist on the internal nameserver used by Honda’s intranet, so this is a fairly solid indicator that Honda was indeed hit by Snake,” said Callow.

Honda finds itself in similar company to IT giant Cognizant, cyber insurer Chubb, and defense contractor CPI, all of which were hit by ransomware this year.

Honda was hit with ransomware before, in 2017 — along with Renault, Nissan, Dacia and a bunch of other companies we don’t care about because they don’t build cars. It’s no stranger to digital shenanigans. But the aforementioned WannaCry attacks haven’t made it invulnerable to similar intrusions. Likewise, a lot of the more recent cyber attacks are presumed to have state backing due to their increasing levels of complexity. We don’t envy corporations having to contend with these attacks, least of all now that they seem to be coded by professionals.

Honda hasn’t mentioned what was lost in the attack, or even if it caved to the demands. For what it’s worth, it did say that there was “no current evidence of loss of personally identifiable information” and that most facilities are already operational. Let’s hope it stays that way.

[Image: Anastasiia Moiseieva/Shutterstock]

Comments
Join the conversation
 13 comments
  • Sgeffe Sgeffe on Jun 11, 2020

    Good to know they’re getting back to normal. (Well, whatever “normal” is in the COVID-19 era!) Even as a Systems Analyst, I’d need help if I fell for one of these! More to the point here, I couldn’t correct the problem of my own Accord! ;-)

  • Brn Brn on Jun 11, 2020

    I find it interesting that we don't work harder to locate and punish those responsible for stuff like this. Their crimes are large, destructive, and intentional.

    • See 5 previous
    • Lorenzo Lorenzo on Jun 13, 2020

      @sgeffe That's just normal commerce - asking about your avatar. They scan the net for any kind of hook to get you to buy something. I just searched for the history of John Bell Hood, the Confederate general Fort Hood was named after, and I got a pop-up offering more info about him, from a publishing company! That's not a sinister cyber-attack, it's just online business, with an assist from Google, suctioning any data from users they can sell.

  • DenverMike Pininfarina I know it's not related to this, I just like saying it.
  • Matt Posky I don't understand the appeal of fake meat and this seems to operate under a similar premise: You don't want the V8 because someone says it's bad for you. But you can have something designed to mimic the experience because that's what your body actually wants. The styling is cool I guess. But I don't understand why EVs don't just lean into what they are. Companies can make them produce any wooshing or humming noises they want. Buiding an entire system to help you pretend it still has a combustion engine seems a little lame.
  • DenverMike I'm sure it would have a volume control. It's nice to sneak into my neighborhood at 2am quietly. Or creep out, 4am. I don't get much sleep OK, but I always keep my V8 exhaust stock, as much as I love the sound of others loud. My stereo would make it pointless anyway.
  • FreedMike I’d love to see more tracks, or off-road parks if that’s your jam. But for those of us who’d love to take part in this kind of thing, practicality is the limiting factor. Racing has always been expensive, and most people don’t want to do it with their daily drivers - I’d love to see what my GLI would do on a track, but not at the cost of voiding my warranty, or potentially wrapping up the car (which I’m pretty sure would put me on State Farm’s Keith Moon-trashing-the-Holiday Inn list). As a practical matter, you have to have a vehicle that is intended to be used for racing, and the ability to fix it; most folks don’t have that kind of money or skill set.
  • Dukeisduke Oh, so it *is* a hatchback. Last night, I watched the replay of the reveal with Tim Kuniskis presenting the car, on Instagram. A "fly-through" of the car on the pre-rollout video made it look like they were going through an open hatch, so it had me wondering. The car attracted a lot of negative comments on IG, on feeds of guys who were there live.This is probably the least "electric car" electric car.
Next