This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Honda: managing a crisis within a crisis

16 June 2020

Earlier this week, Honda was hit by a cyber attack affecting its ability to access its email and internal systems. The attack was felt across its entire global network, with experts widely suggesting it could be the work of the “Ekans” or “Snake” ransomware strain, designed to attack industrial control systems networks.

Shutterstock image

The timing of this attack highlights a major challenge facing organisations in the wake of the coronavirus pandemic – managing multiple crises concurrently. Peter Groucutt, Managing Director of Databarracks, explains: “Dealing with a second disruption while already in a weakened state increases the impact significantly. This is the reality Honda is facing now.”

Like many car manufacturers, Honda has struggled to deal with the COVID-19 crisis, reporting significant losses for the fiscal quarter ending in March.

Groucutt continues, “Ransomware attacks are becoming more disruptive. Post attack, organisations now spend weeks remediating and restoring their systems. In fact, research earlier in the year revealed the average downtime for businesses hit by ransomware can now last 16.2 days – up from 12.1 days in the third quarter of 2019.

“Ransomware attacks are incredibly difficult to deal with in the best of situations, but it is even worse to be facing it during the global pandemic and various states of lockdown for its sites across the UK, US, Turkey, Italy and Japan.

“All organisations should reassess their risks in the current situation. A disparate workforce reduces some risks, but others will need to be addressed. Remote working isn’t necessarily any less secure, but the change and upheaval has created opportunities for criminals to exploit. New phone systems and collaboration software increases the chance of being fooled by phishing emails due to a lack of familiarity. Staff new to remote working and changes in process also create openings to exploit. Existing response plans may not work for a remote team and the lockdown restrictions, so think about how they should be adapted.”

Groucutt continues, “Not only will it take time for Honda to fix the issue, it will also add further financial pressures to the business, at a time when it is still dealing with the fallout from the pandemic. IT downtime, whether from an outage or a data breach, impacts an organisation in several ways but always carries a cost. The fact Honda has put production on hold across multiple global locations, and sent factory workers home, shows how debilitating this attack is and the longer operations are shut down the more costly this will become.

“Our own research into IT downtime revealed almost 40 percent of UK organisations reported a cost of IT downtime of over £5,000 per hour in the past year. That has increased from just 25 percent in 2017”, Groucutt concluded.


Print this page | E-mail this page

Beckhoff