Car Giant Toyota Forced to Halt Production Due to Supplier Cyber Attack

Toyota plastic parts supplier Kojima Industries has suffered a cyberattack that will force Toyota to suspend operation of 28 production lines across 14 plants in Japan, starting today This disruption is expected to result in a 5% monthly drop in Japan production, about 13,000 units.


Cyber pros weighed in on the incident and the importance of supply chain security during this time of heightened cyber risk.


Nick Tausek, Security Automation Architect, Swimlane:


"This cyberattack on Toyota supplier Kojima Industries demonstrates just how easily the impacts of a cyberattack can spread beyond the initial target. In this case, Toyota has been forced to shut down the operations of 28 production lines across 14 plants in Japan, which will result in a projected 5% drop in Toyota’s monthly Japan production, the equivalent of roughly 13,000 units.

To prevent cyberattacks such as the one on Kojima Industries from further disrupting the supply chain and halting crucial production processes, enterprises must ensure cybersecurity practices remain top-of-mind. Leveraging low-code security automation is a proactive way for companies to secure IT systems and mitigate outside threats. Multi-faceted cybersecurity platforms that streamline and centralize detection, response and investigation protocols allow for comprehensive, top-notch protection without the chance of human error. With these systems in place, security-related tasks can be carried out in a reliable and organized manner, ultimately keeping crucial businesses and their correlating establishments up and running without disruption."


Gil Azrielant, CTO and co-founder, Axis Security:


"The security event impacting Toyota is a reminder of the criticality of supply chains. Suppliers play a vital role in a business’ ability to scale and reduce costs. They’re also an entry point for security exploits for two reasons. First, partners can sometimes have weaker security practices. Secondly, VPNs are often used for supplier access, and place partners directly onto the corporate network.


This creates a perfect window of opportunity for a security attack. There are ways to reduce this risk though. The first critical step is for any company working with suppliers to adopt a zero trust network access (ZTNA) solution as a replacement for VPN. These services not only keep suppliers off the corporate network, and reduce the exposure of critical data and infrastructure, but also improve visibility into how suppliers are accessing data and what files they download. This is key in order to protect against supply chain attacks, and minimize business disruption."


Willy Leichter, CMO, LogicHub:


"While it's too soon to know for certain about the origin of the Toyota attack, there is every reason to be extremely vigilant and expect Russian-sponsored attacks.

Here's what we do know: Russian hacker groups have been responsible for a wide range of attacks globally, and have been attacking Ukrainian infrastructure for years. They've also used advanced attacks globally, such as NotPetya, and SolarWinds to plant untold numbers of backdoors in government and business networks.

We have to assume that a large number of these backdoors have not yet been discovered and are waiting to be exploited. We should also assume the precursors to the next attack are already inside our networks and defend accordingly.

This is the real test of zero-trust security - can we detect illicit activity across networks, cloud apps, databases, and third-party API links that have already bypassed traditional perimeter defenses?"


###