Honda manufacturing plants in Ohio and Turkey went offline on Tuesday, June 9 after a cyberattack compromised some of the Japanese automaker’s facilities. While cybersecurity researchers say a ransomware attack is most likely to blame, it’s unclear whether the attack targeted information technology systems or industrial control systems themselves.
“Honda has experienced a cyberattack that has affected production operations at some U.S. plants,” Chris Abbruzzese, a spokesman for Honda North America, tells Popular Mechanics. “However, there is no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio.”
hen the researchers examined the code, they found mentions of a network name related to the auto manufacturer: mds.honda.com. This is not a domain name you can visit online, so it’s presumably part of an internal network at Honda. “When the malware executes, it will try to resolve to a hardcoded hostname (mds.honda.com). If, and only if it does, will the file encryption begin,” the researchers say.