Toyota is shutting down its plants in Japan on Tuesday after one of its suppliers suffered a cyberattack. The dramatic move from the automaker highlights the particular vulnerability of the manufacturing industry to such attacks, and the substantial consequences a breach can cause.
The attack on Kojima Industries, a major supplier of plastic parts to the company, has forced Toyota to pause production at all its facilities in Japan. The company has yet to decide whether it will be able to resume normal activities on Wednesday, a source told Asia Nikkei, which first reported the breach.
A Toyota spokesman said: “Due to a system failure at a domestic supplier (Kojima Industries ), we have decided to suspend the operation of 28 lines at 14 plants in Japan on Tuesday, March 1 (both first and second shifts). We apologise to our relevant suppliers and customers for any inconvenience this may cause.
“We will also continue to work with our suppliers in strengthening the supply chain and make every effort to deliver vehicles to our customers as soon as possible.”
Toyota cyberattack: manufacturing is vulnerable to breaches
Manufacturing companies such as Kojima are particularly vulnerable to cyberattacks according to research released last week by IBM. The report from the company’s X-Force cybersecurity intelligence division shows that last year manufacturing overtook the finance and insurance sector as the most commonly targeted industry for online criminal gangs.
These companies have become targets because of their low tolerance for downtime, meaning they are more likely to quickly pay any ransom demand that might be issued by attackers. Indeed, a one-day shutdown of Toyota’s plants would affect the production of 10,000 cars, some 5% of the monthly output from the company’s Japanese factories.
The precise nature of the attack on Kojima remains unclear. A source close to the company quoted by Nikkei said: “It is true that we have been hit by some kind of cyberattack. We are still confirming the damage and we are hurrying to respond, with the top priority of resuming Toyota’s production system as soon as possible.”
Existing vulnerabilities, often found in legacy operational technology deployed by manufacturers, are the most common attack vector according to the IBM report, ahead of phishing attacks.
Asian companies were the most commonly attacked in 2021, the report adds, citing “a flurry of attacks on Japan in particular”, though it puts this down, in part, to last summer’s Olympic Games.
The breach is the latest production headache for Toyota executives, who last month had to suspend production at five of the company’s Japanese factories due to the impact of Covid-19 and supply chain issues relating to the ongoing global chip shortage, while also enduring several chip-shortage related shutdowns in the second half of 2021.
Last month the company said its February output was likely to be 150,000 vehicles below target owing to the chip shortage, meaning it will probably miss its annual goal of producing nine million new cars. Global procurement manager Kazunari Kumakura described hitting the nine million target as a “tall order” following February’s problems, and this latest setback will be a further blow to that ambition.
Homepage image courtesy Luke Sharrett/Bloomberg via Getty Images
Matthew Gooding is news editor for Tech Monitor.
Toyota suspends production at car plants as cyberattack hits key supplier