Cyber-Attacks on Honda, Enel Group – Behind the News Analysis
Jun 14, 2020 | Radiflow team
Over the past few days we have witnessed an extraordinary increase in high-profile cyber attacks on multinational manufacturing corporations and critical infrastructure providers.
This time on the top of media headlines were Honda and the ENEL Group.
According to MalwareBytes‘ analysis, both incidents were targeted attacks using EKANS/SNAKE ransomware, which at least in Honda case caused various business disruptions including disruption to production line operations.
One of the interesting pieces of evidence found in this case was publicly exposed Remote Desktop Protocol (RDP) access, which revealed internal domains on both attacked organizations’ networks. The same domains were found in malware samples which were uploaded to Internet virus analytics services.
It should be noted that attacks by this ransomware family are becoming more and more frequent in manufacturing and other sectors.
Behind the news
Although most enterprises are experiencing economic slowdown, hacking activity against industrial organizations is constantly increasing. Specifically, such attacks can be attributed to organizations’ efforts to open their networks to external access for remote working, which in many cases this was done without installing proper cybersecurity measures. This can dramatically increase the threats not only to IT, but also to OT networks.
In addition, multinational enterprises should install additional measures to:
segregate between various parts of the IT global network
establish zones and restrict access between IT and OT parts
deploy cyber detection systems on user management systems and high-privileged accounts.
Finally, cyber-risk management processes for core/critical industrial operations in ICS environments should be made an organic part of the CISO/Chief Risk Officer’s responsibility.
Honda manufacturing plants in Ohio and Turkey went offline on Tuesday, June 9 after a cyberattack compromised some of the Japanese automaker’s facilities
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.