Toyota had to shut down operations at its plants in Japan after a cyberattack targeted one of its key suppliers. Kojima Industries, a manufacturer of automotive plastic parts, suffered a problem that disrupted ordering systems. It forced the company to turn off its computer network to prevent it from spreading.
The incident raised grave concerns about cybersecurity in the country and how one attack can bring the world’s largest automaker to its knees. Toyota later announced that it would resume normal activities in all Japanese plants on Wednesday after a one-day halt.
Toyota Pauses Operations – Ransomware at the Wheel
Japanese car manufacturer Toyota announced it would shut down domestic production on Tuesday following a cyberattack on its supplier. The company suspended 28 lines across 14 factories, with subsidiaries Daihatsu Motor and Hino Motors also halting operations at some plants. It affected the output of around 13,000 vehicles.
We apologize to our relevant suppliers and customers for any inconvenience this may cause.
Toyota spokesman
All this came after cybercriminals hit Kojima Industries, which supplies Toyota with electronic components and plastic parts, with what appears to be a ransomware attack. The company revealed it had discovered a virus in one of its file servers on Saturday night, along with a threatening message.
The supplier also said it informed the government and contacted the police. A Kojima spokesperson told Reuters the letter was in English but declined to make further comments.
Toyota later announced that normal production would resume on Wednesday. There was no information about who was responsible for the attack or their motive. It came after Japan joined Western allies in sanctioning Russia for invading Ukraine.
Chief Cabinet Secretary Hirokazu Matsuno said in a news conference that the government is investigating the incident, warning companies to strengthen cybersecurity measures as the situation in Ukraine continues to deteriorate. Ukraine suffered a massive DDoS attack a few days before the Russian invasion.
Manufacturing Sector a Popular Target for Hackers
In recent years, Japan has witnessed a worrying surge of cybercrime. Companies weren’t agile in updating their networks and defenses against innovative hackers. And according to IBM research, it’s the manufacturing sector that received the most onslaughts.
Their X-Force Threat Intelligence Index 2022 report shows that manufacturing is the number one target for cyberattacks, taking over from the finance and insurance sector. Hackers particularly fancy companies from this industry because they can’t afford downtime, making them more likely to pay up fast.
Cyberattacks on the top 10 industries, 2021 vs. 2020
Threat actors usually exploit existing vulnerabilities in operational technology that manufacturers deploy to steal company data. They also use phishing campaigns, in which they pose as legitimate entities, to trick victims into clicking malicious links and files.
Many of Toyota’s tier 1 suppliers connect to the automaker’s network through the kanban just-in-time (JIT) production control system. That is how the exposure at Kojima Industries found its way to the car manufacturer. Therefore, Toyota paused operations to prevent further damage and began system inspection and recovery.
