Toyota Shut Down Japanese Plants In A Supply Chain Attack

The world’s largest car-maker Toyota Motor Corp. has shut down plants across Japan and the factories of two subsidiaries Hino and Daihatsu after a cyber attack and it is unclear when production might resume.  The attack was on one of the car maker’s largest parts suppliers and this means that the company will suspend 28 lines at 14 plants. 

These events highlight the particular vulnerability of manufacturing industry to such attacks, and the substantial consequences a breach can cause.

The decision by Toyota comes as governments around the world warn companies of cyber attack risks following Russia’s invasion of Ukraine. Senior Japanese officials have said they feared leading companies were now targets for reprisals after the government joined other G7 industrial nations in applying tougher sanctions against Russia.
Toyota, which did not specify the nature of the attack nor identify Russia as a source, said it would stop production at all 14 domestic plants. Toyota employs more than 70,000 workers in Japan. 

Toyota said the shutdown followed “system failures at a domestic supplier”, which it later identified as the general component maker Kojima Press Industries. The car maker has said that this shut-down would reduce production by 13,000 vehicles. It is investigating when it can resume production operations.  Japanese media, without citing sources, reported the attack on Kojima appeared to have affected Toyota’s system for making and receiving orders for parts.

  • Kojima Press Industries’ said it had been attacked by a targeted virus from outside, adding that it was considering informing the police. Japan’s ministry of economy, trade and industry said in a statement: “Given the current situation, the potential risk of cyber attacks is increasing.”
  • Japan’s Prime Minister Fumio Kishida told reporters that the country had decided to join western nations in removing some of Russia’s banks from the Swift global payments system. Officials at the cabinet secretariat’s cyber security centre said they were aware of the reports and were gathering information with the ministry of industry, but said they could not determine where the attack originated. 

One adviser to the Japanese government on cyber security issues said concerns were rising that Russian president Vladimir Putin had unleashed hackers with orders to attack targets in countries that were prominent supporters of Ukraine. 

“Normally, you would look at an attack on Toyota or Kojima as financially motivated, but there does not seem to be evidence of that here,” said the adviser.  

Toyota has already been forced to adjust production goals because of pandemic-related supply chain issues and the global chip shortage.

Asian Nikkei:       Reuters:      FT.com:   Arab News:     DenbighshireFP:       Techmonitor

You Might Also Read: 

Honda Hit By Ransomware:

 

« Russian Cyber Crime Group Issues A Warning
The Online Battle In Ukraine »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

CERT-UA

CERT-UA

CERT-UA is the national Computer Emergency Response Team for Ukraine.

Positive Technologies

Positive Technologies

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection.

Exein

Exein

Exein are on a mission to build the world’s first ecosystem for firmware security so that all different types of firmware are secure around the world.

Cybercrime Support Network (CSN)

Cybercrime Support Network (CSN)

CSN is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime.

Zeguro

Zeguro

Zeguro provides complete cybersecurity risk assessment, mitigation and insurance, allowing you to easily manage your cyber risk.

Radically Open Security

Radically Open Security

Radically Open Security is the world's first not-for-profit computer security consultancy company.

Greylock Partners

Greylock Partners

Greylock Partners is a leading venture capital firm based in Silicon Valley. We invest in all sectors of enterprise software technology including applications, cloud/SaaS, networking and security.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

Trustmarque

Trustmarque

Trustmarque delivers customer-centric IT solutions that enable better outcomes. We combine the technology, expertise and services to release value at every stage of the IT lifecycle.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

Zluri

Zluri

Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management and Identity Governance.

CyAmast

CyAmast

CyAmast is an IoT Network security and analytics company that is changing the way enterprise and governments detect and protect networks from the pervasive threat of cyber attacks.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.