Slashdot Mirror

← Back to Stories (view on slashdot.org)

Honda Shuts Down Factory After Finding NSA-derived Wcry In Its Networks (arstechnica.com)

Posted by msmash on from the security-woes dept.

A Honda factory near Tokyo was shuttered for over 24 hours this week after its computers became infected with WannaCry, the same ransomware virus responsible for crippling systems in dozens of countries last month, the car manufacturer said Wednesday. From a report: The automaker shut down its Sayama plant northwest of Tokyo on Monday after finding that WCry had affected networks across Japan, North America, Europe, China, and other regions, Reuters reported Wednesday. Discovery of the infection came on Sunday, more than five weeks after the onset of the NSA-derived ransomware worm, which struck an estimated 727,000 computers in 90 countries. [...] Honda officials didn't explain why engineers found WCry in their networks 37 days after the kill switch was activated. One possibility is that engineers had mistakenly blocked access to the kill-switch domain. That would have caused the WCry exploit to proceed as normal, as it did in the 12 or so hours before the domain was registered. Another possibility is that the WCry traces in Honda's networks were old and dormant, and the shutdown of the Sayama plant was only a precautionary measure. In any event, the discovery strongly suggests that as of Monday, computers inside the Honda network had yet to install a highly critical patch that Microsoft released in March.

5 of 63 comments (clear)

  1. They should sue the NSA by gweihir · · Score: 4, Insightful

    But as usual, criminal activity (and we have at the very least "criminally negligent" on the NSA's part here) by state actors has zero negative consequences for them. One of the corner-stones of a corrupt government that has forgotten that it serves the people.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. Re:I'm so confused by gnick · · Score: 4, Insightful

    Last week we heard how the DPRK was responsible for Wannacry. Today it's back to the NSA. Can we at least keep our talking points consistent?

    The NSA was responsible for leaking the exploit that was used for WannaCry. DPRK may have been the ones to weaponize it. I don't understand the confusion.

    --
    He's getting rather old, but he's a good mouse.
  3. Re:I'm so confused by Anonymous Coward · · Score: 5, Funny

    PS. Sucks for Toyota

    Boy, you ARE confused. ;)

  4. Re: I'm so confused by jeffasselin · · Score: 4, Informative

    Correction: Microsoft made coding errors leading to an exploit. The NSA found the exploit. They left their exploit tool and code on a server that was hacked by somone else (russians?). The Shadow Brokers (russians?) leaked those. Then the north koreans used it in wannacry.

    So you can blame Microsoft, the NSA, Russian Intelligence AND the North Koreans. It's an equal opportunity blame game!

    --
    If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
  5. I guess it's not just me. by s.petry · · Score: 4, Insightful

    Microsoft code was the entry point, but if the NSA was actually performing it's function and protecting the citizens of the US they would have notified Microsoft of the problem and perhaps even helped with a fix. The chain would have ended then and there.

    Not notifying the vendor of the most widely used OS in the USA, the NSA acted against the interests of US Citizens.

    Further, claiming that the Shadow Brokers are Russian fails basic scrutiny. If there was such a group working for the FSB they would have absolutely zero interest in releasing the exploit to the wild for anyone else to access.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.