Toyota suspends operations at several plants after a supplier is hit by a cyberattack.
Anyone clicking on to the Kojima Industries’ website Monday was greeted with the same message: “This site can’t be reached.”
Kojima Industries, a supplier of plastic parts and electronic components for Toyota (TM) – Get Toyota Motor Corp. Report , said it was the target of some kind of cyber attack.
The disruption at the company, in turn, forced Toyota to suspend operation of 28 lines at 14 plants in Japan on Tuesday.
‘And Here We Go…’
The carmaker, which described the incident as a “supplier system failure,” said the suspension will impact the production of roughly 13,000 vehicles.
As to who is responsible for the attack, Japanese Prime Minister Fumio Kishida said his government would investigate the incident to see if Russia was involved, Reuters reported.
“It is difficult to say whether this has anything to do with Russia before making thorough checks,” he said.
Kishida on Sunday announced that Japan would join the United States and other countries in blocking some Russian banks from accessing the SWIFT international payment system.
He also said Japan would give Ukraine $100 million in emergency aid.
In the weeks leading up to the invasion, Ukrainian websites were defaced and taken offline and government software was hit by data-wiping malware.
The cyber attack sparked was commented on social media.
A poster on Twitter said that “there has been a significant rise in cyber attacks in the last 48hrs.”
‘Moscow Doesn’t Have a Lot of Options’
“Individuals and small businesses are targeted, not just multinationals and international companies,” the person said.
“Russia most likely attacked them after Japan supported Ukraine,” another said.
Michael Rogers, adjunct professor at Northwestern University’s Kellogg School of Management and a former director of the National Security Agency, said that “Russia has no ability to impose economic restrictions on the US in return, so they likely will respond with information manipulation and cyber attacks.”
“Putin will view cyber attacks as one of few tools in his arsenal to increase pressure on political decision-makers,” he said. “Russia has shown willingness to distort and force political action – I think you’ll see that again. Moscow doesn’t have a lot of options to impact the West, other than energy, cyber information, etc.”
Toyota said it does not yet know if the halt at its 14 plants in Japan, which account for about a third of its global production, will last more than a day.
“The fact that Toyota had to suspend all Japan factory operations after a supply chain cyber-attack is emblematic of vulnerabilities to all businesses, large, medium and small,” said Chuck Brooks, adjunct professor of cybersecurity risk management at Georgetown University. “Moreover, manufacturers such as Toyota have been a significant target of hackers in the past year, especially with ransomware attacks.”
Last May, Toyota reported a pair of cyber attacks, with the first hitting hit the European operations of its subsidiary Daihatsu Diesel Company, a Toyota-owned company entity that designs engines.
In addition, the Toyota subsidiary Auto Parts Manufacturing Mississippi revealed a ransomware attack.
‘The Stakes Are Too High’
“The Toyota attack may be state sponsored or affiliated via organized criminal cyber groups. It is too early to tell,” Brooks said. “However, there are steps that all companies should take to make themselves more resilient. It should start with companies creating a security risk management framework.”
The cybersecurity firm Dragos said in its fifth annual security report that “2021 was a pivotable year for ransomware gangs and their affiliates, with ransomware becoming the number one cause for compromises in the industrial sector.”
Manufacturing accounted for 65% of all ransomware attacks in 2021, followed by food and beverage and transportation.
“Businesses need to take cybersecurity seriously. Toyota is another in a long series of high-profile breaches,” Brooks said. “The stakes are too high not to consider the consequences. The global cyber ecosystem is on the verge of unparalleled exponential connectivity and new risks and unforeseen issues will continue to evolve and expand.”
He added that phishing is still the most preferred means of breaching business because it is easy, often is automated, and it works as people often click on a link they shouldn’t.
“Companies should aggressively train employees on how not to fall for a phish attack,” he said.
Having a framework or plan and being aware of the resources available and operational requirements for cybersecurity is a starting point, Brooks said.
The U.S. Cybersecurity & Infrastructure Agency said in a statement that there are no specific or credible cyber threats to the U.S. homeland at this time.
However, the agency said, “Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our Allies.”
The agency said “every organization—large and small—must be prepared to respond to disruptive cyber activity.”
