Honda suffers suspected ransomware attack

Visual representation of ransomware by showing encrypted files on a display
(Image credit: Shutterstock)

Japanese car giant Honda has been hit by a ransomware attack that has forced it to put manufacturing on hold at some locations.

The ransomware attack was first discovered on Sunday, with Honda putting production on hold in certain locations the following day to deal with a "disruption" in its computer network, according to NBC News.

The most popular ransomware strains targeting UK businesses How to beat ransomware What are the different types of ransomware?

Reports claim Honda employees in the US were also turned away from their offices on Monday morning as IT equipment and phones were still offline.

Cyber security researchers claim to have found evidence that hackers have created a custom variant of the "Ekans", or "Snake", ransomware to encrypt an internal Honda network and demand ransom in exchange for a decryption key.

The so-called "Ekans" ransomware is a type of malware that has been designed to target industrial control systems and to evade anti-malware tools. It was recently used to target Germany-based Fresenius Group, Europe's largest private hospital operator, forcing it to postpone surgical procedures.

Honda has yet to confirm the ransomware attack but did state that it has suffered a security incident that has impacted its operations in Europe.

"This is currently under investigation, to understand the cause," a Honda spokesperson said.

"At this point, there is no effect on either Japanese production or dealer activities, and no customer impact. In Europe, we are investigating to understand the nature of any impact. We can confirm some impact in Europe and are currently investigating the exact nature.

This is not the first time Honda has been targeted by cyber criminals. One of the company's plants at Sayama, Japan, had to temporarily stop production in 2017 after its network was hit by WannaCry ransomware.


How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation


In 2019, the carmaker had to deal with another cyber security incident after a researcher discovered a misconfigured ElasticSearch database leaking 134 million corporate documents that exposed sensitive information about the Honda's internal systems and device data.

Carly Page

Carly Page is a freelance technology journalist, editor and copywriter specialising in cyber security, B2B, and consumer technology. She has more than a decade of experience in the industry and has written for a range of publications including Forbes, IT Pro, the Metro, TechRadar, TechCrunch, TES, and WIRED, as well as offering copywriting and consultancy services. 

Prior to entering the weird and wonderful world of freelance journalism, Carly served as editor of tech tabloid The INQUIRER from 2012 and 2019. She is also a graduate of the University of Lincoln, where she earned a degree in journalism.

You can check out Carly's ramblings (and her dog) on Twitter, or email her at