Toyota forced to suspend operations after domestic supplier hit by cyberattack

Automobile maker Toyota announced Monday that it will discontinue operations at all of its plants in Japan on Tuesday, as a major supplier was hit by a suspected cyberattack. There were no immediate details of the nature and extent of the attack.

“Due to a system failure at a domestic supplier (KOJIMA INDUSTRIES CORPORATION), we have decided to suspend the operation of 28 lines at 14 plants in Japan on Tuesday, March 1st (both 1st and 2nd shifts),” Toyota said in an announcement titled ‘March Production Plan (as of February 28).’ 

“We apologize to our relevant suppliers and customers for any inconvenience this may cause,” Toyota said, adding that it “will also continue to work with our suppliers in strengthening the supply chain and make every effort to deliver vehicles to our customers as soon as possible.”

News agency Reuters said that “the attack comes just after Japan joined Western allies in clamping down on Russia after it invaded Ukraine, although it was not clear if the attack was at all related.”

Japanese Prime Minister Fumio Kishida said his government would investigate the incident and whether Russia was involved. “It is difficult to say whether this has anything to do with Russia before making thorough checks,” he told reporters.

Supply chain attacks have a cascading effect on operational environments, often leading to downtime of systems, monetary loss, and reputational damage. With such attacks becoming particularly attractive to cybercriminals, there is a need to build visibility into supply chains, so that management can confidently and quickly respond to the next security crisis. Last year, the SolarWinds supply chain attack stood out due to its sheer scale and influence, while other serious supply chain attacks have occurred during the year, such as Codecov in April and Kaseya in July. 

Following the tense situation between Russia and Ukraine, the ‘Anonymous’ hacker group has apparently targeted three Russian state news agencies urging Russia to ‘stop this madness’ after attacking Kremlin-backed channel RT and the Kremlin website, the DailyMail reported on Monday. “When trying to access Fontanka, TASS and Kommersant’s websites on Monday morning, error messages appeared and the websites were unable to load,” the newspaper added.

The group reported that the hacking collective’s #OpRussia campaign had taken down more than 300 Russian government, state media and bank websites over the past 48 hours, with the majority of those struggling to come back online. “We changed the dates and almost make its gas pressure become so high to turn into fireworks! Luckily we didn’t because of a fast-acting human controller,” the post said, adding screenshots of the breach.

Last week, US chipmaker Nvidia faced a devastating cyberattack that “completely compromised” its internal systems. “We are investigating an incident. Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time,” the company said in a statement.

Over the weekend, U.S. security agencies issued a joint cybersecurity advisory (CSA) that warned of hackers deploying ‘destructive malware’ against Ukrainian organizations. It has been found that cybercriminals have tried to destroy computer systems and render them inoperable in the wake of the Russian attack against Ukraine.

The agency has also warned the critical infrastructure installations of malicious hackers, using influence operations to shape public opinion, undermine trust, amplify division, and sow discord. It also issued a ‘Shields Up’ alert that notifies every organization in the country of potential risk from cyber threats.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.