The Japanese car maker Honda has been hit by a cyber attack, knocking out systems and causing all remaining production to stop.

It’s another blow to car manufacturing in the UK, which has clearly been on a downward trend for many years. COVID-19 has caused massive disruption to many businesses and of course, where cyber criminals smell a weakness, they’ll be in like a shot. It looks like this has been a ransomware attack, no real surprise as this has become the weapon of choice in the last decade, and one of the most common cyber threats faced by businesses today. Apparently Honda’s UK production was due to restart on the 8th of June, the very day the attack struck. So this has happened at a crucial time, when the factory would be preparing to return to some kind of normality, and put the crisis behind them. So should they pay the ransom?

Well… many do, purely out of desperation… but there’s absolutely no guarantee you’ll get your data back. When this happened to aluminum manufacturer Norsk Hydro, in 2019, they refused to pay the ransom.

Instead, they put their 35,000 strong workforce back to work using pen and paper. They dug out archived production techniques and picked the brains of retired workers to get their factories back up and running.

Ingenious recovery method you might think! But it wasn’t by design. This took an enormous amount of work and effort to find a way to resume production.

The good news is that there is a proven method to ensure that you don’t suffer the same fate – regular and effective backups.

In most cases, ransomware is very difficult to remove and files encrypted by it are impossible to decrypt. The best method of overcoming an attack is to factory reset affected machines and restore data from your backup.

This means you have to think about a few things in advance;

  1. Which files do you need to back up? Don’t just back up a load of rubbish.
  2. How often do you back up? The more frequent the better, especially for files in regular use.
  3. Where is your backup stored? If it’s on the same network as infected PCs, your backup could also be encrypted. If it’s in the same building, is it safe from physical threats such as a fire?
  4. Related to the above, could you use the cloud? Many software and service packages now come with cloud storage and automatic backup features.

In addition to backups, one of the most valuable things you can do is to provide regular awareness training for your staff. This can make the difference between preventative measures and disaster recovery.

Ransomware is most commonly introduced via a malicious link or email attachment, so ensuring all staff members know what to look out for and how to avoid falling victim is crucial.

If you need any help or advice, drop us a message via the site or give us a call on 0141 471 9939.

As for Honda, we’ll likely never know whether they pay up or not. Most people who do tend to keep it a secret… and there’s probably a good reason for that…

Couple of links;

Warning: these will navigate to an external site.

Independent article on Honda attack

BBC News article on Norsk Hydro attack