Honda halted production in a factory after finding WannaCry traces in its networks

The Honda company shuts down a factory in Japan after finding the WannaCry ransomware in its networks after 5 weeks its massive attack.

The WannaCry ransomware makes the headlines once again, The Honda Company to stopped the production in one of its plant in Japan after discovering the malware in its computer networks,

The Honda automaker halted the activities in the Sayama plant northwest of Tokyo on Monday after finding that the WannaCry ransomware had infected systems in its networks across Japan, North America, Europe, China, and other regions,

According to the Reuters agency, the experts discovered the infection on Sunday.

“The automaker shut production on Monday at its Sayama plant, northwest of Tokyo, which produces models including the Accord sedan, Odyssey Minivan and Step Wagon compact multipurpose vehicle and has a daily output of around 1,000 vehicles.” states the article.

“Honda discovered on Sunday that the virus had affected networks across Japan, North America, Europe, China and other regions, a spokeswoman said, despite efforts to secure its systems in mid-May when the virus caused widespread disruption at plants, hospitals and shops worldwide.”

According to the company, the production at other plants had not been affected, according to a Honda Spokesman, regular operations at the Sayama plant had resumed on Tuesday.

It is still unclear why the WannaCry ransomware was present in the Honda networks 5 weeks after its discovery,

the unique certainly is that the company had yet to patch its systems with the highly critical patch that Microsoft released in March.

One possibility is that IT staff at the company has inadvertently blocked the access to the kill switch domain that partially stopped the infections. That would have caused the WannaCry propagation inside the Honda networks.

We cannot exclude that the shutdown of Sayama plant was a  precautionary measure to eradicate dormant instance of the ransomware.

Honda wasn’t the only company forced to shut down its networks due to WannaCry, other automakers like Renault and Nissan Motor were affected and were forced to halt productions in plants in Japan, Britain, France, Romania, and India.

It’s my opinion that the failure in responding the WannaCry attack was primarily caused by the failure of patch management processes. Don’t forget that systems across the world were infected by ransomware that was exploiting a flaw that was already fixed by a two-month-old patch.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Wannacry ransomware, Honda)

[adrotate banner=”5″]

[adrotate banner=”13″]