WannaCry Returns To Attack Honda

Uploaded on 2017-06-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Japanese carmaker Honda has admitted it was forced to briefly shut down a manufacturing plant after finding WannaCry ransomware on its network weeks after the threat first struck around the world.

The firm is said to have pulled the plug at its Sayama plant after discovering that the notorious ransomware was present on machines in Japan, North America, Europe, China and elsewhere.

A spokeswoman told Reuters that the firm had worked to patch systems against the threat when it emerged in mid-May.

Those efforts appear to have failed spectacularly, although the Sayama factory, which is said to produce 1000 vehicles per day, apparently reopened a day later and other plants were not affected.

WannaCry shook organisations across the globe when it landed on May 12, exposing poor patch management and a lack of basic security hygiene.

Official figures are difficult to come by, but two days after it broke, the threat had infected 200,000 victims in 150 countries, according to Europol.

Security experts were keen to stress the importance of prompt and comprehensive patching following the Honda incident.
“This latest incident reminds us that our efforts to defend our organizations against emerging threats is continuous. Regular review of all systems and their communication protocols is necessary and, more importantly, a thorough analysis of access controls,” advised One Identity UK director, Andrew Clarke.

Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, added that Honda was right to cease production. “The safety of employees should be of utmost concern,” she said. “However this incident could have been prevented with basic security hygiene, a patch management program and automatic updates to systems."

Reuters:         Infosecurity:        Dark Reading

You Might Also Read:

Attacks On Industrial Control System At An All-Time High:

UK Cyber Chief: Company Directors Are Devolving Responsibility For Hacks:

 

« Scenarios For Predicting Terrorist Attacks
How A Nation Became Russia's Cyberwar Experiment »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Uniken

Uniken

Uniken REL-ID is a safe, simple, and scalable security platform that tightly integrates your identity, authentication, and channel security.

Usenix

Usenix

Usenix brings together the community of engineers, system administrators, scientists, and technicians working on the cutting edge of computing.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Cyber Security Centre - Daffodil International University

Cyber Security Centre - Daffodil International University

Cyber Security Centre, DIU is a non-profitable organization which is focused on applied research in cyber security.

ITonlinelearning

ITonlinelearning

ITonlinelearning specialises in providing professional certification courses to help aspiring and seasoned IT professionals develop their careers.

Apozy

Apozy

Apozy replaces a secure web gateway to nullify phishing, malware and impersonation attacks.

M12

M12

M12 (formerly Microsoft Ventures) is the corporate venture capital subsidiary of Microsoft.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

Mobilicom

Mobilicom

Mobilicom is an end-to-end provider of cybersecurity and smart solutions for drones, robotics & autonomous platforms.

Foresiet

Foresiet

Foresiet is the first platform to cover all of your digital risks, allowing enterprise to focus on the core business.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.

Stack Overflow

Stack Overflow

Founded in 2008, Stack Overflow’s public platform is used by nearly everyone who codes to learn, share their knowledge, collaborate, and build their careers.

Sola Security

Sola Security

Sola Security is a cyber security startup company currently in Stealth mode.