Automotive hose maker Nichirin hit by ransomware attack - BleepingComputer

2022-06-23 10:21 (EST) - Bill Toulas

Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline.

The attack occurred on June 14, 2022, and the company reacted as soon as it detected the unauthorized access on its network and moved operations into manual mode.

Customers should expect delays in getting their orders since the cyberattack also affected product distribution and orders are being fulfilled manually.

In an official statement [PDF, Japanese] yesterday, Nichirin underlines that system recovery has been prioritized to resume business operations. The company is currently investigating how the unauthorized access happened and is trying to determine "the effects of information leakage."

Additionally, the firms website had to be taken down temporarily until experts were able to determine the extent of the ransomware attack impact, but its now back online.

For now, the U.S. network segment remains isolated from the rest of Nichirins infrastructure, and there are no signs that the ransomware actors were able to pivot outside of it.

In a separate notice, Nichirin is warning clients and employees of the possibility of receiving emails that impersonate the firm, suggesting that the ransomware attack was possible through phishing.

HITTING THE SUPPLY CHAIN

Ransomware actors have shown increased interest in targeting suppliers of parts that are essential in automotive production.

The hoses manufactured by Nichirin are used in brake systems, air conditioning, power steering, and various hydraulic and pneumatic systems, providing suction, return, and high-pressure solutions with high durability and excellent heat resistance.

These products are very specialized, so finding replacement vendors isnt simple, and any disruption in their production can cause a domino effect in the car-making industry.

Recent examples of ransomware attacks hitting automotive industry suppliers is the March 2022 cyberattack on DENSO , one of the worlds largest automotive component manufacturers, who was compromised by the Pandora ransomware gang.

Earlier, in February 2022, Toyota Motors had to suspend car production in 14 of its Japan-based plants due to a cyberattack on one of its key suppliers, Kojima Industries, which makes plastic components.

Source

Previous
Previous

House Panel Clears Cyber/Tech Portion of FY2023 NDAA - meritalk.com

Next
Next

Slain deputy remembered as friend, role model, protector | Federal News Network