Toyota resumes production activities after the cyber attack

Toyota riprende le attività di produzione dopo l

Toyota Motor Corp will resume internal production from tomorrow (Wednesday) after a cyber attack on a supplier shut down the auto giant’s factories for a dayraising concerns about the vulnerability in Japan’s Inc.’s supply chain.

“Due to a system failure at a domestic supplier (Kojima Industries Corporation), we decided to suspend the operation of 28 lines at 14 factories in Japan on Tuesday, March 1,” Toyota wrote on its global website.

At the moment, no information has been made available on who is behind the attack, nor on the motive. This came shortly after Japan joined Western allies in sanctions against Russia in response to the invasion of Ukraine, although it is unclear whether the attack is related.

Cybersecurity has emerged as a key area of ​​concern in Japan, where government critics say responses to hacking threats have been hampered by a fragmented approach – an attack on a hitherto unknown vendor was enough to stop one of the most powerful producers in the world.

Toyota production lines will be reactivated in its 14 plants across the country tomorrow, reads a note. The suspension on Monday stalled production by around 13,000 vehicles.

Kojima Industries Corp, which supplies plastic parts and electronic components to the automaker, said it discovered an error in one of its file servers on Saturday night. After restarting the server, it confirmed it was got infected with a virus and found a threatening messagereads in a separate statement. The message was written in English, a spokesman for Kojima told Reuters, but he declined to provide further details.

The “failure” of Kojima’s system did not allow the supplier to ship parts for vehicle assembly, forcing Toyota, which does not stock components at its factories, to suspend production, a Toyota spokesperson said.

Toyota may have used Emotet malware for the cyber attack on its supplier

Government ministers said they were closely following the incident. While large companies have cybersecurity measures in place, the government is concerned about small or medium-sized subcontractorsJapan’s industry minister told reporters Tuesday, Koichi Hagiuda.

Reports of the powerful Emotet malware have increased since the first week of February 2022, according to the Japan Computer Emergency Response Team / Coordination Center, which provides information on cybersecurity.

toyota cyber attack

Emotet is used to access a victim’s computer before downloading additional malicious software, such as those designed to steal banking passwords or ransomware that can lock down a computer or server until a ransom is paid to regain control of their data.

Non it’s clear if Emotet is the same malware used to attack the Toyota supplier. Kojima only supplies to Toyota and is a top tier supplier of some parts and a second tier supplier to others, Kojima’s spokesperson said. Toyota’s operations in Japan include a supply chain of 60,000 companies spread over four tiers.

Toyota said it will be able to resume business thanks to a backup network implemented between it and the supplier. Had there not been this backup, Toyota admits it would have taken a week or two to fully restore the system.