One of the largest automotive manufacturers, Toyota, was forced to halt its operations in Japan after a key parts supplier became a victim of a cyberattack. On Monday, 28th of February 2022, Toyota made an official statement saying, “Due to a system failure at a domestic supplier (Kojima Industries Corporation), we have decided to suspend the operation of 28 lines at 14 plants in Japan on Tuesday, March 1st (both 1st and 2nd shifts).”
According to the supplier, Kojima Industries – not to be confused with Japanese game developer, Kojima Productions – it received “a threatening message” on Saturday 26th of February 2022, which it later confirmed as ransomware.
The following Monday, an official close to Kojima Industries told the Japanese business daily, Nikkei, “It is true that we have been hit by some kind of cyberattack. We are still confirming the damage and we are hurrying to respond, with the top priority of resuming Toyota’s production system as soon as possible.” The official also added that Toyota representatives and cybersecurity experts are at Kojima Industries to determine the cause.
Then on Tuesday, Kojima industries announced that it had found a virus in its servers. It also added that the damage caused by the virus was partly solved on Sunday, 27th of February 2022, but the company estimated it would need an additional day to get a 100% system functionality. The cyberattack did not break any physical mechanics of the production line.
Kojima Industries is located in Okazaki, Aichi in Japan, which is part of Toyota City. The company supplies interior and exterior plastic parts to Toyota and its subsidiaries – Daihatsu and Hino.
As a result both Daihatsu and Hino were also forced to close their respective production lines in Japan. Daihatsu produces compact passenger vehicles like the Rocky, which Malaysians will recognise as the Perodua Ativa. Hino, on the other hand, manufacturers lorries and trucks for the commercial market segment.
Toyota Motor Corp. spokeswoman Shiori Hashimoto commented, “The two companies had worked out alternative ways to carry on with manufacturing even though the server problem was not yet resolved.”
Even Japan’s Prime Minister weighed in on the issue saying, “We are aware of media reports. The government is working to confirm the situation.” As no information regarding the source and motive of the attack was available, he was asked by reporters if Russia had anything to do with the cyberattack. The question was raised as the cyberattack came right after Japan joined forces with Western allies in imposing sanctions against Russia, which is currently invading Ukraine.
He just said, “It is difficult to say whether this has anything to do with Russia before making thorough checks.”
On Tuesday, 1st of March 2022, Toyota put out a promising statement saying, “However, we have decided to resume all operations from the first shift tomorrow, Wednesday, March 2.” It followed to offer its apologies to customers, suppliers and other related parties for any inconveniences caused.
It ended the statement with, “Working together with our suppliers, we will make every effort to deliver vehicles to our customers as soon as possible.”
Toyota’s Just-In-Time manufacturing strategy is the reason why it had to shut down its production line. The strategy that Toyota pioneered dictates that parts arrived from suppliers will go directly into the production line rather than being stockpiled. Therefore, when supplies from Kojima Industries was cut, Toyota couldn’t fall back on a ready stock to keep the production line running.
As a result, it is estimated that Toyota’s output will reduce by around 13,000 cars. This is on top of the production line disruptions it faced in North America in February due to a protest by the Canadian truckers. The protests were not aimed at Toyota specifically, but towards the Canadian government over pandemic mandates.