Honda ransomware

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages.

Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend.

“On Sunday, June 7, Honda experienced a disruption in its computer network that has caused a loss of connectivity, thus impacting our business operations,” said a spokesperson for Honda. “We have canceled some production today and are currently assessing the situation.”

EKANS (snake spelled backwards) is what is known as an Industrial Control System, or ICS, malware variant that specifically targets and disables factories and heavy equipment. Whereas most ICS strains are considered to be deployed by nation-state hackers, EKANS is somewhat unusual in that it is typically deployed by private cybercriminal enterprises.

While Honda has yet to officially confirm the full scope or the cause of their network outages, it does not appear to have had an impact on car dealerships or customers.