Cyber-Security Attack on Honda

Company's Global Operations Affected

Taba Zimmerman

Tuesday, June 9, 2020 BBC News reported that Honda's Global Operations suffered a cyber-security attack that is impacting its operations world-wide. The attack is affecting the company's ability to access its computer servers, email services and use of the internal systems. Honda has confirmed the attack took place on the Honda network and stated production systems outside of Japan were also affected. Some cyber-security experts have stated is looks like a ransomware attack, which could imply the hackers may have encrypted data or locked Honda out of some systems.

"It looks like a case of Ekans ransomware being used..." 

                    ~Morgan Wright, Chief Security Advisor, Sentinel One

Ekans, or Snake, ransomware can terminate specific industrial control system (ICS) processes. Industrial control systems are hardware and software with network connectivity integrated to support critical infrastructure. This blending of operational technology and information technology has cost-effective benefits along with increased speed, better responsiveness to conditions and improved reliability, but also has drawbacks in terms of security.

How can companies try to prevent these types of attacks?

The Cybersecurity & Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security has a proposed plan to defend industrial control systems. To view the full strategy document, click here. The plan steps are as follows:

  • Use application whitelisting to protect infrastructure from potentially harmful programming

  • Implement configuration management and patch management controls to keep control systems secure

  • Reduce attack surface areas by segmenting networks into logical parts and restricting host-to-host communications paths

  • Require multi-factor authentication and enforce the principle of least privilege (POLP)

  • Require remote access to be operator controlled and time limited

  • Monitor traffic within the control network and on ICS perimeters

  • Analyze access logs and verify all anomalies

  • Ensure the restore includes golden records so systems can be rolled back to last known good state

Do something about your IT Security!

Call the network security experts before disaster strikes