We have received several reports from Honda employees that the entire Honda network is down, and seems to have been compromised by a ransomware attack. The attack happened yesterday, June 7, and is impacting Honda’s overall business operations globally, in what seems to be both business and manufacturing arenas. Honda is currently dealing with this, and as of yet no timeline for resolution has been revealed, nor has the party responsible for the attack been identified.
We reached out to Honda, and were sent the following statement:
On Sunday, June 7, Honda experienced a disruption in its computer network that has caused a loss of connectivity, thus impacting our business operations. Our information technology team is working quickly to assess the situation.
That doesn’t give much detail, though it does confirm something is going on, and whatever that something is, it seems to be impairing Honda’s ability to be Honda.
We’ve also received some more details from anonymous Honda employees, such as this redacted text message:
In that text, HAM refers to Honda of America Manufacturing, and it appears that production has been halted at Honda’s facilities as a result of the attack.
Other employees have shared messages that suggest that workers not connect to Honda networks, and other others have sent us screencaps of Honda messages like this one:
So, if you’re affiliated with Honda and get emails from Honda, be wary.
Some sources are reporting that it is the Ekans malware. Ekans (it seems it’s just ‘snake’ spelled backwards, and a noted Pokémon) is designed to target industrial control systems, of which Honda, of course, has many.
Unlike previous industrial control system attacks that were largely state-sponsored, this seems to be from private criminals, with extorting money as the motive.
Honda is, of course, losing money every moment the attack keeps them shut down, and it’s not clear yet how the situation will be resolved.
We’ll update as soon as we know more information.