Honda suffers suspected ransomware attack

News
By published

So-called "Ekans" ransomware is said to be behind office closures and a halt in manufacturing at some factories

Visual representation of ransomware by showing encrypted files on a display
(Image credit: Shutterstock)

Japanese car giant Honda has been hit by a ransomware attack that has forced it to put manufacturing on hold at some locations.

The ransomware attack was first discovered on Sunday, with Honda putting production on hold in certain locations the following day to deal with a "disruption" in its computer network, according to NBC News.

The most popular ransomware strains targeting UK businesses How to beat ransomware What are the different types of ransomware?

Reports claim Honda employees in the US were also turned away from their offices on Monday morning as IT equipment and phones were still offline.

Cyber security researchers claim to have found evidence that hackers have created a custom variant of the "Ekans", or "Snake", ransomware to encrypt an internal Honda network and demand ransom in exchange for a decryption key.

The so-called "Ekans" ransomware is a type of malware that has been designed to target industrial control systems and to evade anti-malware tools. It was recently used to target Germany-based Fresenius Group, Europe's largest private hospital operator, forcing it to postpone surgical procedures.

Honda has yet to confirm the ransomware attack but did state that it has suffered a security incident that has impacted its operations in Europe.

"This is currently under investigation, to understand the cause," a Honda spokesperson said.

"At this point, there is no effect on either Japanese production or dealer activities, and no customer impact. In Europe, we are investigating to understand the nature of any impact. We can confirm some impact in Europe and are currently investigating the exact nature.

This is not the first time Honda has been targeted by cyber criminals. One of the company's plants at Sayama, Japan, had to temporarily stop production in 2017 after its network was hit by WannaCry ransomware.

RELATED RESOURCE

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

FREE DOWNLOAD

In 2019, the carmaker had to deal with another cyber security incident after a researcher discovered a misconfigured ElasticSearch database leaking 134 million corporate documents that exposed sensitive information about the Honda's internal systems and device data.

Carly Page
Carly Page

Carly Page is a freelance technology journalist, editor and copywriter specialising in cyber security, B2B, and consumer technology. She has more than a decade of experience in the industry and has written for a range of publications including Forbes, IT Pro, the Metro, TechRadar, TechCrunch, TES, and WIRED, as well as offering copywriting and consultancy services. 

Prior to entering the weird and wonderful world of freelance journalism, Carly served as editor of tech tabloid The INQUIRER from 2012 and 2019. She is also a graduate of the University of Lincoln, where she earned a degree in journalism.

You can check out Carly's ramblings (and her dog) on Twitter, or email her at hello@carlypagewrites.co.uk.

More about ransomware
A hand on a keyboard in a dark room

Alleged LockBit developer extradited to the US
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background

February was the worst month on record for ransomware attacks – and one threat group had a field day
Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.

Nvidia GTC 2025: Four big announcements you need to know about
See more latest
Most Popular
Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.
Nvidia GTC 2025: Four big announcements you need to know about
Businessman hand pointing finger to growth success finance business chart of metaverse technology financial graph investment diagram on analysis stock market background with digital economy exchange.
Global security spending continues to rise
Women in tech concept image showing female tech worker sitting at desk working on desktop computer.
Imposter syndrome is pushing women out of tech
Jensen Huang, co-founder and chief executive officer of Nvidia, pictured during a news conference at the Nvidia GPU Technology Conference (GTC) in San Jose, California, US.
‘This is the first event in history where a company CEO invites all of the guests to explain why he was wrong’: Jensen Huang changes his tune on quantum computing after January stock shock
ServiceNow signage pictured during the Singapore FinTech Festival in Singapore, on Wednesday, Nov. 15, 2023.
Old ServiceNow vulnerabilities could cause havoc for unpatched customers
Soft skills concept image showing informal staff meeting in an open plan office environment with workers having a discussion.
AI skills training can't be left in the hands of big tech
Oracle CloudWorld Tour sign pictured at the company event in London, UK.
AI agent announcements are a dime a dozen right now – here’s what Oracle thinks it’s doing differently
Close-up shot of data centers servers in red, black, and light blue colors.
Server sales are skyrocketing – and growth shows no sign of slowing down
SonicWall logo and branding pictured on a smartphone screen.
SonicWall pins ‘transformational year’ on strong partner growth
Antonio Neri, chief executive officer of Hewlett Packard Enterprise Co. (HPE), bottom left, and Jensen Huang, co-founder and chief executive officer of Nvidia Corp., during a keynote address at the HPE Discover event at the Sphere in Las Vegas, Nevada, US, on Tuesday, June 18, 2024.
HPE unveils Mod Pod AI ‘data center-in-a-box’ at Nvidia GTC