Honda may have been hit by a ransomware attack
Automaker’s IT network is experiencing issues but an investigation into the matter is already underway
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Honda is reportedly the latest company to fall victim to theSNAKE ransomwarewhich has affected its computer networks in Europe and Japan following a cyberattack.
At the moment, details are still unclear regarding the incident but the company has begun an investigation concerning the recently detected problems with its network. In a statement toBleepingComputer, a Honda spokesperson confirmed that its IT network is not functioning properly, saying:
“Honda can confirm that there is an issue with its IT network. This is currently under investigation, to understand the cause. In Europe, we are investigating to understand the nature of any impact”
Thankfully though, the issues have not affected Honda’s production in Japan or its dealerships. The company spokesperson also said that Honda customers have not been impacted by the issues with its IT network.
SNAKE ransomware
Although Honda is still investigating the incident and the company has yet to provide any substantial details on what happened, a security researcher namedMilkreamhas discovered that a sample of the SNAKE ransomware was submitted to VirusTotal which checks for Honda’s internal network name of “mds.honda.com”.
During its analysis of the sample,BleepingComputerdiscovered that the ransomware would start and exit immediately without encrypting any files. The researcher explained to the news outlet that this is because the ransomware tries to resolve the domain of Honda’s internal network and when it fails to do so, it terminates without encrypting any files.
It is still unclear as to how many of the Japanese auto maker’s systems are affected but SNAKE is known to steal a victim’s data before deploying its encryption routine.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Privacy advocate atComparitech, Paul Bischoff provided more details on how Honda may have been infected with the SNAKE ransomware, saying:
“Based on the limited information Honda has released about the attack, this looks like the result of ransomware. Given that many operations are shut down, but no data was stolen, ransomware is the most obvious culprit. Attackers might have tricked a Honda employee into clicking a link that downloaded a ransomware-infected file, for example. If Honda has proper backup systems in place, it should be able to mitigate the effect of the attack and resume operations with minimal downtime. Honda is a huge company, though, so any downtime incurs large losses even if the company chooses not to pay the ransom.”
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Rising AI threats are making firms turn back to human intelligence
Thousands of employees could be falling victim to obvious phishing scams every month
Nokia confirms data breach leaked third-party code, but its data is safe
