TOKYO – Toyota is set to restart domestic production from Wednesday after a cyberattack against a supplier shut down the automaker’s factories for a day, raising concerns over supply chain vulnerabilities from Japan’s Inc.
No information was available about who was behind the attack, nor about the motive. It came just after Japan joined western allies to contain Russia in response to the invasion of Ukraine, though it was unclear whether the attack was related to the attack.
Cybersecurity has emerged as a major concern in Japan, where government critics say responses to hacking threats have been hampered by a fractured approach: An attack on a hitherto unknown supplier was enough to destroy one of the world’s most powerful manufacturers. to halt in their own country.
Toyota’s production lines will be turned back on Wednesday at its 14 plants across the country, it said in a statement. Tuesday’s suspension reached production of about 13,000 vehicles.
Kojima Industries Corp., which supplies plastic parts and electronic components to the automaker, said it had discovered an error on one of its file servers on Saturday night. After the server rebooted, it confirmed it was infected with a virus and found a threatening message, it said in a separate statement.
The message was written in English, a Kojima spokesperson told Reuters, but declined to provide further details.
The system failure at Kojima prevented the supplier from shipping parts, forcing Toyota, which does not stock parts in its factories, to suspend production, a Toyota spokesperson said.
Government ministers said they were following the incident closely. While major companies have taken cybersecurity measures, the government is concerned about small or medium-sized subcontractors, industry minister Koichi Hagiuda told reporters on Tuesday.
According to the Japan Computer Emergency Response Team/Coordination Center, which provides information on cybersecurity, there have been increasing reports of the powerful malware Emotet being used since the first week of February 2022.
Emotet is used to gain access to a victim’s computer before downloading additional malicious software, such as software designed to steal bank passwords or ransomware that can lock a computer until an extortion fee is paid.
It was not clear whether Emotet was being used on the Toyota supplier. Toyota declined to comment on whether it had detected early signs of a possible cyberattack or whether Emotet was responsible for crippling operation.
Kojima supplies only to Toyota and is a top supplier of some parts, and a second-rate supplier of others, the Kojima spokesman said. Toyota’s operations in Japan span a supply chain of 60,000 companies across four tiers.
Toyota said it could resume operation by using a backup network between Toyota and the supplier. It would take a week or two to fully restore the system, it said.
In November 2020, Japanese video game maker Capcom, which makes games including Resident Evil, said a ransomware attack likely compromised personal information of up to 350,000 gamers and that some of its own financial data had been stolen.
Honda halted some of its global car and motorcycle production in June 2020 following a suspected cyber attack.
Toyota stocks ended flat on Tuesday, underperforming a gain of 1.2% in the broader market.