Honda Global Operations Halted by Ransomware Attack

As if the world was not volatile enough in 2020, news is now emerging of the latest global companies to be hit by a ransomware attack.

Honda has confirmed that a cyberattack detected on Monday of this week has brought parts of its global operations to a standstill.

Honda is one of the largest vehicles manufactures in the world, employing more than 200,000 staff, with factories in the UK, North America and Europe.

Details of the attack are still emerging, but here is what we know so far.

The Culprit

Based on samples posted online, the likely culprit may be tied to the Snake (Ekans) ransomware family.

Snake, like other file-encrypting malware, scrambles files and documents and holds them hostage for a ransom, expected to be paid in cryptocurrency.  However, Snake will target the entire corporate network and will encrypt all connected devices, including data backup.

Detected by the MalwareHunter Team in January of this year, Snake Ransomware has been developed with ability to obfuscate all forms of anti-malware solutions that any other previous forms of ransomware could have done till date.

Although this latest attack is gaining media attention, it comes as no surprise to the global cyber security council.  Security researchers have been reporting a spike in Snake ransomware activity targeting organisations worldwide from 4 May this year.  Evidently, Honda did not take action.

Possible Attack Vector

The specific attack vector has yet to be confirmed, but the likely entry point may be RDP as Honda had some machines with Remote Desktop Protocol (RDP) access publicly exposed.

Implications

Ransomware gangs have shown no mercy, even in this period of dealing with a pandemic.  They continue to target organisations, large and small, public and private.  Given the evolving nature of work and collaboration, IT environments are now more exposed than ever.

Thomas Peer Solutions has over 10 years’ experience in business continuity management.  We are offering ANZ based organisations a free cyber resiliency assessment* where we will benchmark your cyber recovery and data protection environment against industry best practices.

Fill out the contact form below to arrange a convenient time for us to assess your environment.

*Offer valid until 31st June 2020.  Cyber Resieliency Assessment usually charged at $4,950.