View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 28, 2022updated 31 Jul 2023 9:41am

Toyota suspends production at car plants as cyberattack hits key supplier

The breach is reportedly causing big problems for the Japanese automaker. It highlights manufacturing's particular vulnerability to cyberattacks.

By Matthew Gooding

Toyota is shutting down its plants in Japan on Tuesday after one of its suppliers suffered a cyberattack. The dramatic move from the automaker highlights the particular vulnerability of the manufacturing industry to such attacks, and the substantial consequences a breach can cause.

The attack on Kojima Industries, a major supplier of plastic parts to the company, has forced Toyota to pause production at all its facilities in Japan. The company has yet to decide whether it will be able to resume normal activities on Wednesday, a source told Asia Nikkei, which first reported the breach.

A Toyota spokesman said: “Due to a system failure at a domestic supplier (Kojima Industries ), we have decided to suspend the operation of 28 lines at 14 plants in Japan on Tuesday, March 1 (both first and second shifts). We apologise to our relevant suppliers and customers for any inconvenience this may cause.

“We will also continue to work with our suppliers in strengthening the supply chain and make every effort to deliver vehicles to our customers as soon as possible.”

Toyota cyberattack: manufacturing is vulnerable to breaches

Manufacturing companies such as Kojima are particularly vulnerable to cyberattacks according to research released last week by IBM. The report from the company’s X-Force cybersecurity intelligence division shows that last year manufacturing overtook the finance and insurance sector as the most commonly targeted industry for online criminal gangs.

These companies have become targets because of their low tolerance for downtime, meaning they are more likely to quickly pay any ransom demand that might be issued by attackers. Indeed, a one-day shutdown of Toyota’s plants would affect the production of 10,000 cars, some 5% of the monthly output from the company’s Japanese factories.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

The precise nature of the attack on Kojima remains unclear. A source close to the company quoted by Nikkei said: "It is true that we have been hit by some kind of cyberattack. We are still confirming the damage and we are hurrying to respond, with the top priority of resuming Toyota's production system as soon as possible."

Existing vulnerabilities, often found in legacy operational technology deployed by manufacturers, are the most common attack vector according to the IBM report, ahead of phishing attacks.


Asian companies were the most commonly attacked in 2021, the report adds, citing "a flurry of attacks on Japan in particular", though it puts this down, in part, to last summer's Olympic Games.

The breach is the latest production headache for Toyota executives, who last month had to suspend production at five of the company's Japanese factories due to the impact of Covid-19 and supply chain issues relating to the ongoing global chip shortage, while also enduring several chip-shortage related shutdowns in the second half of 2021.

Last month the company said its February output was likely to be 150,000 vehicles below target owing to the chip shortage, meaning it will probably miss its annual goal of producing nine million new cars. Global procurement manager Kazunari Kumakura described hitting the nine million target as a "tall order" following February's problems, and this latest setback will be a further blow to that ambition.

Homepage image courtesy Luke Sharrett/Bloomberg via Getty Images

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU