WannaCry Returns To Attack Honda

Japanese carmaker Honda has admitted it was forced to briefly shut down a manufacturing plant after finding WannaCry ransomware on its network weeks after the threat first struck around the world.

The firm is said to have pulled the plug at its Sayama plant after discovering that the notorious ransomware was present on machines in Japan, North America, Europe, China and elsewhere.

A spokeswoman told Reuters that the firm had worked to patch systems against the threat when it emerged in mid-May.

Those efforts appear to have failed spectacularly, although the Sayama factory, which is said to produce 1000 vehicles per day, apparently reopened a day later and other plants were not affected.

WannaCry shook organisations across the globe when it landed on May 12, exposing poor patch management and a lack of basic security hygiene.

Official figures are difficult to come by, but two days after it broke, the threat had infected 200,000 victims in 150 countries, according to Europol.

Security experts were keen to stress the importance of prompt and comprehensive patching following the Honda incident.
“This latest incident reminds us that our efforts to defend our organizations against emerging threats is continuous. Regular review of all systems and their communication protocols is necessary and, more importantly, a thorough analysis of access controls,” advised One Identity UK director, Andrew Clarke.

Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, added that Honda was right to cease production. “The safety of employees should be of utmost concern,” she said. “However this incident could have been prevented with basic security hygiene, a patch management program and automatic updates to systems."

Reuters:         Infosecurity:        Dark Reading

You Might Also Read:

Attacks On Industrial Control System At An All-Time High:

UK Cyber Chief: Company Directors Are Devolving Responsibility For Hacks:

 

« Scenarios For Predicting Terrorist Attacks
How A Nation Became Russia's Cyberwar Experiment »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

ISGroup (Information Security Group)

ISGroup (Information Security Group)

ISGroup services include network penetration testing, Web application penetration testing, ethical hacking, vulnerability assessments, code review and associated training.

IUCC Cyber Unit - Israel

IUCC Cyber Unit - Israel

IUCC Cyber Unit safeguards Israel’s National Research & Education Network (NREN).

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

Emirates International Accreditation Center (EIAC)

Emirates International Accreditation Center (EIAC)

EIACI is the national accreditation body for the United Arab Emirates. The directory of members provides details of organisations offering certification services for ISO 27001.

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

Humming Heads

Humming Heads

Humming Heads offers a complete solution to fight the advanced threats that target a company's endpoints and servers.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

Eclypses

Eclypses

Eclypses has a disrupting cyber technology, offering organizations an advanced data security solution called MicroToken Exchange (MTE).

SOCRadar

SOCRadar

SOCRadar is an Extended Threat Intelligence (XTI) SaaS platform that combines External Attack Surface Management (EASM), Digital Risk Protection Services (DRPS), and Cyber Threat Intelligence (CTI).