Last week, a Honda plant was forced to halt production for a day after the carmaker found the WannaCry ransomware in its computer network. The delay meant that about 1,000 vehicles at the Sayama plant, which is 17 miles north of Tokyo, were not produced as planned.
The ransomware is the same one that struck thousands of organisations across the globe in May, exploiting unpatched versions of older Microsoft operating systems. Honda reportedly attempted to secure its systems after the initial outbreak, but WannaCry was still able to infect “several older production line computers, causing them to shut down”.
A spokesperson for Honda said that the virus had affected networks across Japan, North America, Europe, China and other regions, but work was able to continue as normal in the carmaker’s other plants.
WannaCry isn’t going away
The spread of WannaCry has slowed in the past few weeks, but this incident should be a reminder that the ransomware is still out there and can still cause a great deal of damage. The malware also appeared in Australia last week, when a maintenance worker inadvertently uploaded the virus on to a speed camera network using a USB stick. As many as 97 cameras across Melbourne and other parts of Victoria were infected.
Discussing the enduring threat of WannaCry, Rafe Pilling, senior researcher at SecureWorks Counter Threat Unit, told ZDNet: “WannaCry is a worm so it’s propagating at random around the internet. So any systems which were infected and hadn’t properly been cleaned [continue] to propagate the worm”.
When asked how organisations can avoid falling victim to WannaCry, Pilling said:
Network segregation plays a major role in defence. Ideally nobody should have ports necessary for this worm to propagate accessible to the internet or with outbound access to the internet – it’s generally considered poor practice for the [Server Message Block] port to be exposed to the internet, or to allow your systems to talk to that protocol.
Protect yourself from ransomware
Ransomware has become a major tool for cyber criminals in the past few years, but it was with WannaCry that it gained widespread public awareness.
In response to the growing concern over ransomware, IT Governance now provides an information page dedicated to it. Our page explains the threats that ransomware presents to organisations, and gives details of the resources available to help you understand and combat those threats – from an infographic and an introductory training course to more in-depth solutions, such as a cyber health check, ISO 27001 consultancy and penetration testing services.