Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline.
The attack occurred on June 14, 2022, and the company reacted as soon as it detected the unauthorized access on its network and moved operations into manual mode.
Customers should expect delays in getting their orders since the cyberattack also affected product distribution and orders are being fulfilled manually.
In an official statement [PDF, Japanese] yesterday, Nichirin underlines that system recovery has been prioritized to resume business operations. The company is currently investigating how the unauthorized access happened and is trying to determine “the effects of information leakage.”
Additionally, the firm’s website had to be taken down temporarily until experts were able to determine the extent of the ransomware attack impact, but it’s now back online.
For now, the U.S. network segment remains isolated from the rest of Nichirin’s infrastructure, and there are no signs that the ransomware actors were able to pivot outside of it.
In a separate notice, Nichirin is warning clients and employees of the possibility of receiving emails that impersonate the firm, suggesting that the ransomware attack was possible through phishing.
Hitting the supply chain
Ransomware actors have shown increased interest in targeting suppliers of parts that are essential in automotive production.
The hoses manufactured by Nichirin are used in brake systems, air conditioning, power steering, and various hydraulic and pneumatic systems, providing suction, return, and high-pressure solutions with high durability and excellent heat resistance.
These products are very specialized, so finding replacement vendors isn’t simple, and any disruption in their production can cause a domino effect in the car-making industry.
Recent examples of ransomware attacks hitting automotive industry suppliers is the March 2022 cyberattack on DENSO, one of the world’s largest automotive component manufacturers, who was compromised by the Pandora ransomware gang.
Earlier, in February 2022, Toyota Motors had to suspend car production in 14 of its Japan-based plants due to a cyberattack on one of its key suppliers, Kojima Industries, which makes plastic components.