Toyota suspended all its domestic factories on Tuesday following a cyber-attack that affected the supplier of plastic parts, Kojima Industries Corporation.
“Due to a system failure at a domestic supplier (KOJIMA INDUSTRIES CORPORATION), we have decided to suspend the operation of 28 lines at 14 plants in Japan on Tuesday, March 1 (both 1st and 2nd shifts). We apologize to our relevant suppliers and customers for any inconvenience this may cause,” stated Toyota in a statement.
Experts believe that the temporary suspension of Toyota’s operations could lead to a 5% drop in the company’s monthly production or the loss of about 13,000 units.
The exact cause of the attack was not immediately clear, but it happened a day after Japan joined the Western allies in standing up against Russia for its actions in Ukraine. Japan also extended $100 million in emergency aid to Ukraine and excluded several Russian banks from the SWIFT payment system.
Prime Minister of Japan Fumio Kishida said that his government would look into the incident to see if it was carried out by Russia while noting that, “It is difficult to say whether this has anything to do with Russia before making thorough checks.”
Meanwhile, Toyota later said that it would resume all operations from March 2.
Automotive cybersecurity needs more attention
While this attack might be an exception, it was found that several automakers sacrifice the security of their vehicles for the sake of convenience. As a result, the number of cyber-attacks against automakers has increased over time. Many manufacturers are also desensitized to the threat of cyber-attacks, and it could cost the industry around $24 billion by 2023.
A study conducted by Ponemon revealed that almost 30% of the companies in the automotive industry do not have the proper resources and personnel to secure connected cars.
“As more connected vehicles hit the roads, software vulnerabilities are becoming accessible to malicious hackers using cellular networks, Wi-Fi, and physical connections to exploit them,” said the report. “Failure to address these risks might be a costly mistake, including the impact they may have on consumer confidence, personal privacy, and brand reputation.”
The study also revealed that almost 60% of vehicle manufacturers do not test the security of the software and hardware deployed in their cars.
How to deal with it?
The increasing number of in-vehicle interfaces and the complexity of the security measures needed to secure them are some of the factors that drive hackers to launch attacks. Vehicle manufacturers should strengthen their security solutions by identifying and understanding the various attack points. Manufacturers should implement a variety of security measures designed to make their cars as secure as possible.
We believe the first step in addressing the cybersecurity of cars is by securing the vehicle’s individual electronic components and systems. The next step is securing the external interfaces. Once the external connectivity is secured, the next step is to strengthen the data processing processes to prevent exploitation and theft.
Third-party cybersecurity is another major vertical. Despite the number of breaches that happen every day, several automakers still have a hard time dealing with the complexity of their third-party risks. Many companies still lack confidence in their security posture. They need to perform more assessments and follow up with their third-party vendor to ensure their systems are secure.
Get the Alliant Advantage
The threat landscape is constantly evolving, and cybersecurity awareness must be imperative for all automakers. Employees and top-level leadership must be continuously educated on ever-changing digital risks. Training and awareness for your team is vital, as over 80% of all breaches have a human point of failure.
What we will do:
- Provide emails, webinars, and in-person training that covers Cybersecurity 101 in “plain English”.
- Baseline assessment tools that determine employee vulnerability through mock simulations (phishing, vishing, etc.).
- Tailored training for your employees, managers, and executive leadership.
Alliant Cybersecurity also gives you the hybrid advantage of Human and Artificial Intelligence with our MDR solution, Blue Sentinel. Our mission is to offer top-class and cost-effective solutions ensuring 24/7/365 security that is built for your business.
Contact us today!