EXECUTIVE SUMMARY:
Automotive hose maker Nichirin, headquartered in Japan, reports that a US subsidiary has encountered a ransomware attack. Computerized controls were shut down as quickly as possible. The group transferred to manual production and shipping in order to continue business processes.
This ransomware attack illustrates the growing importance of supply chain security across all industries and sectors. Silly as it may sound, in the absence of Nichirin’s vehicle components, other corporate groups cannot fulfill orders and keep up with consumer demands.
According to the European Union Agency for Cybersecurity (ENISA), 66% of supply chain attacks focus on the suppliers’ code. However, many firms also retain intellectual property, personally identifiable information (PPI), internal process maps and tight production timelines – all of which appeal to hackers, especially those with financial motives.
Nichirin cyber attack
The company promises to investigate the impact of the attack on partners and customers and remains committed to promptly disclosing “any necessary information.”
Nichirin has placed a warning on its website pertaining to possible spoofed emails that may appear to come from Nichirin employees. The company expressly requests for email recipients to refrain from opening any attached files.
The nichirin.co.jp website also states that it now uses a security service for protection from online attacks. The process is automatic. Visitors will be redirected once the validation process is complete, says the text.
How Nichirin attack happened
Nichirin has not publicly disclosed the reason for the cyber security breach. The company has also declined to discuss its technology partners who are responsible for its IT infrastructure in both Japan and the US.
Automotive industry attacks
Ransomware represents a growing challenge for the automotive industry. In July of 2021, two international car giants fell victim to Conti ransomware. During those security events, email addresses, vehicle identification numbers, phone numbers and physical addresses were stolen.
In October, a supplier of automotive exhaust and thermal management systems experienced an IT compromise. And in the spring of 2022, another well-known car manufacturer confirmed a temporary shutdown due to a suspected supplier-based ransomware attack.
Supply chain attacks
The key to protecting a supply chain from ransomware and other cyber schemes involves ensuring that third-party vendors remain compliant with strict cyber security standards. Compliance should continue whether or not regulatory requirements are enforced, which can prove challenging for organizations that lack human resources or appropriate technological tools.
Supply chain resources
Attacks on the supply chain are undermining vast enterprise ecosystems, and decimating business relationships. Stop supply chain attackers from gaining a foothold within your network. Attackers are deploying attacks at-scale and experiencing unprecedented success due to security weaknesses. Protect your organization’s supply chain and those of your business partners. Explore the resources below:
- 10 extremely effective ways to prevent supply chain attacks
- 4X increase in supply chain attacks, experts worried
- How Safe is Your Technology Supply Chain?
The implementation of cutting-edge cyber security solutions can effectively address and reduce the cyber risk inherent in complex supply chain ecosystems.
If you’d like to learn more about the Nichirin story, visit Reuters. Lastly, to receive cyber security news, exclusive interviews, expert analyses and security resources, sign up for the CyberTalk.org newsletter.
