The plastic and electronic parts supplier of Toyota became a victim of a cyber-attack that resulted in the automobile manufacturer shutting down its operation.
On Monday, Feb 28, 2022, Toyota released a statement that it would shut its operation in Japan after a suspected cyber-attack. This has resulted in the automobile manufacturer losing 13,000 cars of output. The spokesman from Toyota said that it was “supplier system failure,” after the spokesperson from Kojima Industries Corporation said – that the organization that supplies electronic systems and plastic parts to Toyota- became a victim of some type of cyber-attack.
As per Tim Wallen, LogPoint UK&I Regional Director, “The reports of Toyota, the world’s largest car manufacturer, having to shut down 14 factories and 28 production lines for an entire day due to a cyber-attack serves as a warning in these volatile times.,” He further added, “While the manufacture of cars is not necessarily critical to societies, it’s a warning of how cyber-attacks can influence ‘in real life’, not limited to leaks of digital information or systems being held for Ransom. When production lines are halted and workers have to stay at home, we have to carefully consider whether we have done enough to protect our digital infrastructures. With some 180,000 people employed directly in automotive manufacturing in the UK and in excess of 864,000 across the wider automotive industry, this is a crucial industry to protect.”
Kojima provides Toyota with both exterior and interior parts, including components such as air-conditioning systems as well as the steering wheel. While the supplier confirmed that it was not affected at first, it was unable to communicate with Toyota or monitor production. The issue also had a negative impact on Toyota’s “just-in-time” manufacturing system that needs parts to be delivered before they are being installed, so they do not pile up in stock.
Toyota was not sure that the halt at its 14 plants in Japan that accounts for a third of its global output would last more than a day. Hino Motors and Daihatsu, the affiliate partner of Toyota, have also shut down their operations.
The immediate shutdown of its production lines is only worsening the condition of the automobile manufacturer as it still reels from supply chain disruptions due to COVID-19.
There is no information available on the perpetrator of the cyber-attack.
Toyota also had to stop its production in North America due to the shortage of parts caused by the protests of Canadian truckers.
“The attack on Toyota also serves as a reminder that global industries are entirely dependent on a very long and potentially vulnerable supply chain to deliver components just-in-time. It is not enough for Toyota to have high cyber security standards; manufacturers also have to ensure that their supply base adheres to the same standards to secure the chain. The Emotet malware string suspected to be the cause of the Toyota breakdown, possibly through a sub-supplier, is a tricky piece of malware. But it has been around for years, and its signature is well-known to cybersecurity teams. While it’s constantly evolving, it can be detected and fought off using the right SIEM and SOAR tools,” added Tim Wallen.
In its recent statement, Toyota said it would resume its Japanese productions from Wednesday. It would take seven to fourteen days to get the system back to its original place. This has sparked concerns about vulnerabilities in Japan’s Inc supply chain.