Honda suffers ransomware virus attack; car production stopped in some plants

Ransomware remains one of the main threats to individuals, public organizations and large companies, network penetration testing specialists said. Recent reports indicate that major automotive company Honda suffered an encryption malware attack that disrupted some of its operations in Japan, the U.S. and Europe. The company would have been attacked with the Ekans ransomware variant.

The company has not officially recognized the ransomware attack, although it acknowledges experiencing a security incident that forced the momentary closure of some plants: “Honda experienced an outage in its computer network that caused a loss of connectivity, which affected our business operations. We have canceled some of the production today and are currently evaluating the situation.”

SOURCE: Virus Total

Honda added that the incident is already under investigation: “There is an ongoing investigation to understand the causes of the incident. We can confirm that there was no negative impact on our production, distribution or customer service process,” a spokesperson said.

Network penetration testing experts say the ransomware was detected over the weekend, so on Monday the company made the decision to discontinue some of its operations. In this regard, the security company Virus Total claims to have evidence that the threat actors behind the attack developed a custom ransomware variant for Honda’s servers.

Ekans is a ransomware variant developed from the Snake malware, which was recently detected in the attack on the company Fresenius Group, which is one of the most important medical services companies in Europe, as mentioned by network penetration testing specialists.

Fresenius Group offers dialysis products and services at multiple hospitals in the United States and Europe. In May, the chain announced the postponement of some surgical procedures to focus all its efforts on stopping the COVID-19 pandemic.

Cyber security specialists recommend that companies implement innovative protection methods to mitigate the risk of attacks, as thousands of infection attempts with encryption malware are detected daily. Although there are multiple security solutions for detecting this kind of malware, experts ensure that creating backups remains the best way to combat a potential ransomware attack.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.