Automotive hose maker Nichirin hit by ransomware

Nichirin-Flex U.S.A., a subsidiary of Japanese automotive and motorcycle hose manufacturer Nichirin, has been hit by a ransomware attack that has taken its network offline.

This attack occurred on June 14, 2022 and detected unauthorized access to the network and shifted operations into manual mode.

The cyber attack has also affected product distribution, and customers can expect delays in obtaining their orders, as orders are being fulfilled manually.

In its official announcement yesterday, Nichirin emphasized that its first priority is to restore the system and resume operations.

We are currently investigating how the unauthorized access occurred and attempting to determine the “impact of the information breach.”

In addition, the company’s website had to be temporarily shut down until experts could determine the extent of the ransomware attack, but is now back up and accessible

For now, the U.S. network segment is disconnected from the rest of Nichilin’s infrastructure, and there is no indication that the ransomware attackers have been outside of it.

Nichilin also warns that customers and employees may receive emails impersonating Nichilin, suggesting that the ransomware attack may have been caused by phishing.

Damage to supply chain

Ransomware attackers are increasingly interested in targeting suppliers of components critical to automotive production.

Nichirin hoses are used in brake systems, air conditioning, power steering, and various hydraulic and pneumatic systems, providing suction and high pressure solutions, with high durability and excellent heat resistance.

Because these products are so specialized, finding a replacement vendor is not easy, and any disruption in production could cause a domino effect on the automotive manufacturing industry.

A recent example of a ransomware attack on an automotive supplier is the March 2022 cyberattack by the ransomware group Pandora on Denso, one of the world’s largest auto parts manufacturers.

Prior to that, in February 2022, Toyota Motor Corporation was forced to halt car production at 14 plants in Japan after a cyber attack on one of its key suppliers, Kojima Industries, which makes plastic parts.