A cyber attack on automotive parts supplier Kojima Industries on Monday has halted Toyota’s car production in Japan.
A spokesperson for Kojima, a supplier of air conditioning, steering wheel components and other parts to Toyota, confirmed that a virus had been found on its servers.
“A threatening message was also found, raising the possibility that it was attacked by ransomware,” the spokesperson said, adding the police were investigating the apparent attack.”
While the means of production were unaffected, according to the company, it was unable to deliver the parts to Toyota’s production lines. As a result, the automotive giant was forced to close all 14 domestic plants on Tuesday, although it plans to reopen on Wednesday. The closure of its production lines will set its schedule back by about 13,000 cars.
Other companies were also affected. Hino Motors, a part of the Toyota group, said two of its factories in Japan were impacted, and Toyota affiliate Daihatsu was forced to close its factory, although it also hopes to reopen tomorrow.
The incident has not been attributed to any particular cyber actor, but it occurred shortly after Japan placed sanctions on Russia’s central bank and said it would be sending aid to Ukraine.
Chief cabinet secretary in the Japanese government, Hirokazu Matsuno, urged other companies “to prepare for a heightened risk of such assaults as the Russian invasion of Ukraine continues”.
Commenting on the attack Oliver Pinson-Roxburgh, CEO at Bulletproof and Defense.com said: “Toyota looks to have fallen victim to a textbook case of supply chain attack.
“Research shows that more than a quarter of organisations do not patch critical vulnerabilities even though they are aware of them. This is a massive threat vector for bad actors to exploit as it can not only impact the company under attack, but as in this case, it can lead to third-party suppliers becoming victims.
“There needs to be an urgent shift in focus so organisations are not only protecting their own assets but are actively monitoring for threats at every touchpoint they have with other organisations.”
Toyota also experienced production woes last September, not because of a cyber attack, but as a result of the global chip shortage which forced the carmaker to reduce its output from the planned 800,600 to 500,000 units.