Japanese automobile manufacturer Honda Motor Co. probes an internal network glitch that affected its IT systems in Japan and Europe which may be related to the Ekans ransomware attack.
Honda has confirmed the incident but did not provide the additional details regarding possible cyber attack. The company said that it currently investigates the issue.
“Honda can confirm that there is an issue with its IT network. This is currently under investigation, to understand the cause. At this point, there is no effect on either Japanese production or dealer activities, and no customer impact. In Europe, we are investigating to understand the nature of any impact. We can confirm some impact in Europe and are currently investigating the exact nature,” Honda said in a statement to SkyNews.
The potential cyber attack was detected in the early hours of Monday morning. Following the glitch Honda put production on hold in certain locations to deal with a disruption in its computer network.
While the Japanese manufacturer declined to reveal more information regarding the nature of the incident, various reports say that one of the carmaker's internal servers had been infected with the Ekans malware, a type of ransomware that targets industrial control systems used for operating factories, and demands payment in exchange for the encryption key.
In a tweet a security researcher going by the moniker Milkream said a sample of the Ekans ransomware had been uploaded to VirusTotal that checks for the internal Honda network name of "mds.honda.com."
According to the researcher, the malware that hit Honda is a modified variant of the Ekans ransomware that was used in the attack against European health care giant Fresenius Group at the beginning of May.
