Honda investigates suspected Snake ransomware attack

Attack disrupts world operations at carmaker, with assembly traces falling soundless and sales suspended

Alex Scroxton

Alex Scroxton,
Security Editor

Revealed: 09 Jun 2020 16: 19

Production and sales of Honda vehicles, motorcycles and totally different products has been suspended at web sites all around the sector while the Eastern automaker attempts to fetch better its methods following a suspected ransomware attack that compromised access to its IT methods.

The company confirmed that manufacturing at its factories all around the sector had been halted, while at its UK plant in Swindon, the keep it manufactures its Civic model, a deliberate reopening after the power used to be shut down as a result of Covid-19 coronavirus pandemic has been pushed relief to later this week.

“Honda can verify that a cyber attack has taken keep on the Honda network,” a spokesperson for the company suggested Computer Weekly. “We could well also verify that there isn’t this sort of thing as a recordsdata breach at this level in time.

“Work is being undertaken to minimise the affect and to restore pudgy performance of manufacturing, sales and growth activities. At this level, we query minimal industry affect.”

The attack first came to light on Monday 8 June, when Honda said it used to be investigating what used to be then believed to be an unauthorised strive to access its methods. Constant with the Monetary Times, the company suggested staff now to not access their IT instruments as a precaution while it investigated.

This has induced speculation amongst safety researchers that the company has been focused with the moderately original Snake, or Ekans, stress, after a sample of the ransomware came to light that comprises references to an IP take care of linked to a Honda arena, and checks for an interior Honda network sooner than encrypting recordsdata.

First identified earlier in 2020, Snake/Ekans is an awfully terrible diversity of ransomware that particularly targets industrial control methods (ICS).

Constant with researchers at Dragos, it comprises a “moderately passe” attack mechanism, however specifies a large replacement of processes in a static assassinate checklist that demonstrates a level of intentionality on the portion of its writers that has no longer been viewed sooner than in ransomware targeting manufacturers. This makes it in particular terrible.

Dave Palmer, director of know-how at AI safety outfit Darktrace, said: “Ekans is a moderately original fetch of ransomware – a tool that has the vitality to lock down industrial control methods and equipment in factories.

“Serious environments discontinue no longer fail gracefully. There isn’t the selection of reverting to pen and paper and muddling along. Now we indulge in to make in cyber resiliency so these methods are in a keep to face up to and fight relief against cyber assaults.”

OzAlashe, CEO at CybSafe, added: “Snake … targets an total network, as a change of particular particular person workstations. Honda’s world operations indulge in already been disrupted, and while some methods appear to be relief online, it is most likely that rolling relief up to pudgy operations will make an effort.

“This attack comes at a no longer easy moment for the automaker, with the industry already going thru added financial stress from coronavirus and diminished ask for its items.”

Dragos impressed ICS asset operators to learn about their attack surfaces urgently and resolve mechanisms to negate and distribute Ekans/Snake.

Bellow Continues Under