Toyota Motor Corp. has been forced to halt manufacturing operations at all of its plants in Japan after a cyberattack struck a major component supplier.

The attack targeted Kojima Industries Corp., a maker of interior and exterior automotive parts. The exact form of attack was not disclosed but is suspected to be ransomware. Nikkei Asia reported that Kojima said this morning local time that it had received a message demanding a ransom and that it had confirmed the existence of a virus.

Toyota representatives and cybersecurity experts were deployed to Kojima to determine the attack’s cause and to restore systems.

Although it appears that Toyota’s systems were not affected directly, the decision by the automotive manufacturer to cease production appears to be proactive. Kojima is directly connected to Toyota via Toyota’s kanban just-in-time production control system and hence there was concern that the attack could also spread to Toyota’s system.

The product halt also affected Toyota subsidiaries Hino Motors Ltd. and Daihatsu Motor Co Ltd. The downtime is expected to result in a 5% drop in Toyota’s monthly production in Japan, roughly 13,000 units. Production was expected to resume Wednesday local time.

Toyota has been targeted directly in cyberattacks before. The company’s North American unit was breached in 2019, with 3.1 million customer records stolen.

“Supply chain issues are already one of the weakest links for an organization, even in the best of times,” Slava Bronfman, co-founder and chief executive of the automotive cybersecurity company Cybellum Technologies Ltd., told SiliconANGLE. “The challenges are not just in how they impact production capabilities, but also in how they affect the security of the final product.”

Bronfman explained that automotive vehicles involve many layers of suppliers that provide components and applications. “The manufacturer who assembles these components into a final vehicle has limited control and visibility of what’s in the various components or software, creating a huge risk for the final vehicle and to its drivers,” he added.

Hank Schless, senior manager of security solutions at endpoint-to-cloud security firm Lookout Inc., noted that both the software supply chain and the physical supply chain have frequently made headlines in the last couple of years.

“This incident exemplifies how intertwined the two are, and how a successful attack on the software supply chain can have negative effects on the output of physical goods produced,” Schless said.

Photo: Shuets Udono/Wikepedia Commons