Toyota halts production after cyberattack on supplier

Toyota plastic parts supplier Kojima Industries (Kojima) has suffered a cyberattack that forced Toyota Motors to suspend the operation of 28 production lines across 14 plants in Japan for a day. The disruption is expected to result in a 5% monthly drop (13,000 units) in Japanese production. Recently, the company announced it would restart domestic production.

On February 26, Kojima discovered an error at one of its file servers. After rebooting the server, it confirmed the company was infected with a virus and found a threatening message written in English. At this time, there is no information on the culprit or the motive.

According to Reuters, Japanese government ministers said they were closely following the incident and worried about other attacks on small to mid-size companies. Further underscoring those fears, GMB Corp, a lower-tier maker of water pumps and other automotive parts, said it was a target of ransomware and was unsure when operations would return to normal.

The attack on Kojima Industries is a perfect example of the criticality of supply chains. While suppliers play a vital role in a business’s ability to scale and reduce costs, they’re also an entry point for security exploits for two key reasons, explains Axis Security’s CTO and co-founder, Gil Azrielant. “First, partners can sometimes have weaker security practices. Secondly, VPNs are often used for supplier access and place partners directly onto the corporate network, creating a perfect window of opportunity for a security attack.”

Luckily, there are ways to reduce these risks, Azrielant says. A critical step that any company working with suppliers must take is to adopt a zero trust network access solution as a replacement for a VPN. “These services not only keep suppliers off the corporate network and reduce the exposure of critical data and infrastructure but also improve visibility into how suppliers are accessing,” Azrielant says.

Craig McDonald, VP of Product Management at BackBox, suggests that enterprise security teams familiar with exercising the elements of disaster recovery may drastically decrease IT system downtime, which causes an average loss of $300,000 per hour, according to Gartner.

McDonald notes critical elements of disaster recovery include:

Collecting a complete inventory of all applications, software and hardware.
Outlining specific individual responsibilities in the event of a disaster and ensuring those individuals understand their responsibilities.
Having alternative communication methods in place.
Carrying out regular reviews of this plan as a whole.

“In addition to having a disaster recovery plan, companies can proactively prevent outages and unnecessary downtime by leveraging network automation that removes complexity from error-prone management tasks,” McDonald says.

Maria Henriquez joined Security Magazine in 2019 as its Associate Editor. Since then, she has been covering the security industry and reporting on issues affecting enterprise security leaders, to include cybersecurity, leadership and management, risk and resilience and pressing security challenges facing the industry.

Situational awareness should be at the forefront of your security program. It can mean the difference between life and death in a workplace emergency.

Security’s digital transformation is now entering stage 5. Complex security technologies are connected to HR systems, global security operations centers, and other building technologies in a world where employees now work in two places: home and the corporate office.