On Monday, 8 June, Honda admitted their control systems
had been attacked. The company was unable to access its own servers or use
emails. Production and shipments, already hit hard by the lockdown, stopped. Honda
employees worldwide were asked to go home.
Honda, the Japanese company, is the world’s leading
motorcycle maker for the past sixty years. Always in the top ten carmakers’
list, its turnover is $150 billion. It is an excellent target for cyber crime.
*****
Experts believe Honda has been attacked by the Ekans
ransomware. (Read Ekans backward to understand its toxicity). First observed in
December 2019, it encrypts data and leaves a ransom note. Industrial control
systems usually shut down as a result of the attack.
Imagine on returning home, you find someone has locked
it. You can’t get inside. A note left at the doorstep asks you to pay money in
order to get the key to re-enter your house.
To put pressure on the victim, the cyber criminals can auction
some of the stolen data online. In such auctions confidential cash flow
analyses, company’s future plans, distributor lists, vendor agreements and images
of employees’ driving licenses have been sold. If our bank or our government’s
tax department were to be hacked, we may find our most intimate financial
details sold to criminal gangs.
*****
Is this related to the pandemic? It probably is.
Work From Home (WFH) is an absolute nightmare for IT managers. Any
individual employee can be lured to download a link he shouldn’t. Since the beginning of the pandemic, thousands of Covid-links, ‘helping the poor’ sites
and dashboards have been used by cyber criminals. Johns Hopkins University had
to issue a public statement on malware disguised as a Covid-19 map.
Unfortunately a few thousand non-suspecting people had already downloaded the
impostor map.
Several poly-criminal, multinational gangs now give
priority to cyber-crime. When wildlife trafficking stopped in March and April, some
organized crime groups switched over to cyber-crime.
Because they operate in cyberspace, it is difficult to
catch the operators. Like Al-Qaeda in the real world, these operators are often
known by the ransomware they promote. DoppelPaymer and Maze are large organizations
that deploy and facilitate the payment of ransomware. They are happy to take
payment in virtual currencies like bitcoin, making it even more difficult to
trace them. On 18 March, in a press release, Maze promised to stop attacking
health organizations (but not pharma companies, because they are for profit). Most
cyber criminals have said if they accidentally target hospitals, nursing homes,
or health agencies, the victim should contact them (contact details are given anyway
to enable ransom payment). They will
decrypt for free.
*****
Times are such that we need to protect both ourselves
and our gadgets from viruses. Your devices must have strong anti-malware
protection. It is best to avoid downloading anything non-essential. You may
think of it as internet social distancing if you like. If you are working from
home, your employer’s safety is in your hands.
However, if you own a Honda vehicle, your contact
details may already be in the hands of a cyber-gang.
Ravi