Honda's 'technical problem' causes some business suspension, ransomware may cause cyber attack


by Yonkers Honda

Honda Motor Co., Ltd. (Honda) has announced that part of its business, including overseas production systems, has been suspended. Restoration work is being done at the time of writing the article, and it is said that the impact on the business is kept to a minimum, and it is pointed out that the internal network may have been attacked by ransomware .

Honda investigates possible ransomware attack, networks impacted
https://www.bleepingcomputer.com/news/security/honda-investigates-possible-ransomware-attack-networks-impacted/


Honda confirms its network has been hit by cyber attack | ZDNet
https://www.zdnet.com/article/honda-confirms-its-network-has-been-hit-by-cyber-attack/


Honda Customer Service on Twitter: “Currently, Honda Customer Service and Honda Financial Service are technically incapable and are not available. We are trying to resolve the issue as soon as possible. We apologize for the inconvenience. Thank you for your understanding and cooperation.' On the other hand, Honda did not reveal details of the 'technical problem'.



Cybersecurity researcher milkream pointed out that Honda's network is being attacked by ransomware called ` ` Snake(Ekans) '' from the verification result of the website / VirusTotal that inspects files and websites for malware doing.



IT news media Bleeping Computer tried to analyze this ransomware, but when it started, the file ended without being encrypted. 'Snake ransomware targets the domain mds.honda.com,' Milkream said. 'This sample also targets specific IP addresses hosted on unspec170108.amerhonda.com, in addition to mds.honda.com,' said security researcher Vitali Kremez .



It's unclear how much system Snake ransomware will affect, but according to BleepingComputer, Snake ransomware steals data before deploying encryption routines. That's right. In a statement to Bleeping Computer, Honda said, 'At this point, we have confirmed that there is no external leakage of information.'

The Snake ransomware sample code included the author's email address, and BleepingComputer was contacted, saying, ``At this point, we share details about the attack to allow the target some denial. It will never change. This will change over time.' He did not deny that he had attacked.

In July 2019, a database containing personal information of approximately 300,000 Honda employees, and in December 2019, a database containing information about American customers was not protected by external security. It was revealed that it was accessible from.

in Security, Posted by log1i_yk