UPDATED 21:58 EST / MARCH 14 2022

SECURITY

Data stolen in cyberattack targeting another Toyota supplier

Two weeks after Toyota Motor Corp. was forced to halt manufacturing at its plants in Japan following an attack on supplier Kojima Industries Corp., another Toyota supplier has been targeted in a cyberattack.

The latest attack involved Denso Corp., a global automotive manufacturer based in Japan that is 25% owned by Toyota. The Pandora ransomware gang has claimed responsibility and said it has stolen 1.4 terabytes of data belonging to Toyota, NHK reported Sunday. The stolen data is believed to include trade secrets, among them more than 157,000 purchase orders and invoices, emails and parts diagrams.

Denso described the attack in a statement today as illegal access to a subsidiary in Germany on March 10. The company cut off the network connection of affected devices and confirmed there was no impact on other Denso facilities. The attack is under investigation, authorities have been informed and the company is working with specialized cybersecurity agencies to deal with the situation.

Although Pandora has claimed responsibility for the attack, it’s not certain whether ransomware was used or whether it was simply straight data theft, with a ransom demanded in exchange for not releasing the stolen data. It was the same with the attack on Kojima Industries and several recent attacks. Pure data theft and extortion is an emerging trend among some criminal enterprises previously known for ransomware attacks alone.

Also notable is that Denso would have been linked to Toyota’s kanban just-in-time production control system. It could simply be a coincidence, but that platform connects all of Toyota’s suppliers and is a common link between the victims.

“As this is the second of Toyota’s suppliers to be targeted by threat actors, perhaps it’s time for Toyota to reevaluate its once lauded strategy and RESCUE (REinforce Supply Chain Under Emergency) supply chain database system – which identifies parts and vulnerability information of over 650,000 supplier sites,” Tom Garrubba, vice president of risk management company Shared Assessments LLC, told SiliconANGLE. “Perhaps Toyota should consider evaluating third-party risk due diligence with respect to strong cyber hygiene.”

For years, he explained, many manufacturers have focused on the availability of those products and services that feed into the outsourcer’s own end-product. “However, the outsourcer often fails to assess key resilience controls such as security and recoverability of critical systems and processes that allow the product or service to be provided by the supplier,” he said.

Chris Clements, vice president of solutions architecture at information technology service management company Cerberus Cyber Sentinel Corp., said the attack highlights how important it is that all of an organization’s business units are equally prepared to fend off a cyberattack.

“Cybercriminals will always exploit the weakest link, and in today’s interconnected networks can do significant damage from compromising even a small business unit,” Clements said. “It’s no longer enough for businesses to solely focus on their ability to prevent or recover from a ransomware attack as attackers now routinely steal mass quantities of data as part of their operations.”

Indeed, he added, “Data theft is in some ways more insidious than traditional ransomware as once the information is stolen there is no way to verify that the attacker will actually delete the information instead of attempting to resell it on the dark web or simply release it publicly.”
