Toyota to resume operations after a Cyber Attack scare

15th March 2022
Toyota Cyber Attack company resumes operations

Toyota Motor Corp plans to resume operations on 2nd March, following the devastating cyberattack on one of their partners.   

Toyota is one of the largest motor companies in Japan, producing thousands of units per month. But it had to shut down operations across several plants due to a cyberattack on one of its domestic suppliers – Kojima Industries Corporation. 

What happened to Toyota's production line during a cyberattack?  

On Monday, Kojima Industries Corporation suffered a cyberattack that shut down their parts supply management system, compromising production and forcing Toyota to suspend over 28 lines across 14 manufacturing plants.  

This shutdown affected over 13,000 cars in production, approximately 5% of Toyota's monthly output in Japan.  

Toyota was not the only one compromised by the cyberattack for two of Toyota's subsidiaries: Hino Motors and Daihatsu Motor Corp were also affected by the attack. The Japanese manufacturing giant responded by shutting down operations for Monday and Tuesday but announced that they would resume operations on Wednesday. 

Thus far, the cause behind the attack has not yet been identified, nor has any group come forward to claim responsibility.  

While some experts have guessed as to who is responsible, there is no substantial evidence to back the claim. At the moment, Kojima Industries Corporation's website is down while the plant is no longer in operation, although whether it is due to the attack or to investigate the cause is not clear. 

What key lessons can we learn from the cyberattack? 

This attack is a part of a disturbing trend of growing software supply chain attacks. Research shows that software supply chain attacks increased by more than 300% in 2021, compared to 2020. While Toyota is recovering, the status of its subsidiaries (Hino Motors and Daihatsu Motor Corp) is not yet clear, nor is there any update from Kojima Industries Corporation. 

Instead, the attack should serve as a warning that even the most prominent organisations are vulnerable to a supply chain attack if not supported by adequate security measures. 

A cyberattack on their supplier compromised their production capacity, which no doubt would affect their business targets and revenue. This cyberattack instills the importance of having a robust cybersecurity posture and asking suppliers to adhere to strict security standards.