Skip links

Toyota shutters 14 plants after probable cyberattack

Toyota has closed all 14 plants it operates in Japan due to what it has described as a “system failure” at Kojima Industries Corporation – and local media report the cause of the failure is a cyberattack.

Kojima Industries’ is a Toyota subsidiary that manufacturers interior and exterior car parts and participates in Toyota’s just-in-time supply chains.

Japanese outlet NTV News, reports that the attack struck Kojima Industries on Saturday and the company’s servers were shut down on Sunday. Another local outlet, Nikkei, reported that a cyberattack is the reason for the “system failure” at Kojima Industries.

Toyota’s announcement of its shutdown, dated February 28, states that 14 plants and 28 production lines won’t operate on March 1.

The timeline for this incident therefore appears to start with Kojima Industries realizing it was in trouble on Saturday 26, shutting down some operations on the 27, and advising Toyota it was unable to supply goods before the auto-maker’s February 28 advice of its shutdown.

Where the story ends is impossible to predict because while Kojima Industries has acknowledged a cyberattack, the nature of that attack is unknown.

One hint may come from Japan-CERT’s February 25 warning of a spike in attacks on Japanese email addresses using the Emotet malware. Emotet drops malware that siphons out corporate data: perhaps Kojima Industries had a runaway infection and, rather than leak its own trade secrets and expose other participants in Toyota’s supply chain, pulled the plug?

Kojima Industries is saying nothing about the matter at the time of writing. Indeed, its website is timing out and has done for over a day. Nor does the company appear to maintain a social media account with which it could offer updates.

Whatever the cause of the incident, it will reportedly mean Toyota can’t produce 13,000 cars a day for the duration. The company has pledged to catch up on production as soon as possible. ®