Japanese car maker Honda has been hit by ransomware that disrupted its production of vehicles and also affected internal communications, according to reports.

The ransomware, of an as-yet unidentified strain, appeared to have spread through the multinational firm’s network. A Honda spokesman told the media it appeared to have “hit the company’s internal servers.”

Some Honda factories around the world were forced to suspend production, though output from Turkey, India, USA and Brazil locations remain on hold at the time of writing.

At this time Honda Customer Service and Honda Financial Services are experiencing technical difficulties and are unavailable. We are working to resolve the issue as quickly as possible. We apologize for the inconvenience and thank you for your patience and understanding.

— Honda Automobile Customer Service (@HondaCustSvc) June 8, 2020

Sky News reported yesterday that Honda’s networks began to suffer “issues” on Monday, and that “the company believed it was the result of unauthorised attempts to breach its systems.”

A Honda spokesbeing told several outlets: “We can confirm some impact in Europe and are currently investigating the exact nature.”

Another statement from the firm today added: “Work is being undertaken to minimise the impact and to restore full functionality of production, sales and development activities.”

In the meantime, multiple researchers have suggested the culprit was Ekans, with one Milkr3am, posting screenshots on Twitter of a sample submitted to VirusTotal today that checks for the internal Honda network name of “mds.honda.com”.

Professor Alan Woodward of the University of Surrey told El Reg: “With a just-in-time system you need only a small outage in IT to cause a problem. As it happens I think Honda have recovered quite quickly. A few countries’ facilities are still affected but they seem to be coming back very fast, which suggests they had a good response plan in place.”

The speed at which the malware spread in Honda’s network indicates that some the company has centralised functions, “the usual culprits are finance,” he added.

Source: Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, say researchers • The Register

WhatsApp claims it fixed an issue that was showing users’ phone numbers in Google search results, TechCrunch reports. The change comes after security researcher Athul Jayaram revealed that phone numbers of WhatsApp users who used the Click to Chat feature were being indexed in search.

Click to Chat allows users to create a link with their phone number in plain text. According to Jayaram, because the links don’t have a robot.txt file in the server root, they cannot stop Google or other search engine bots from crawling and indexing the links. Jayaram says as many as 300,000 phone numbers may have appeared in Google search results, and they could be found by searching “site:wa.me.”

As TechCrunch notes, Jayaram isn’t the first to report this issue. WaBetaInfo pointed it out in February. While the issue seems to be fixed, it’s a pretty big security flaw and apparently it’s been a problem for at least several months.

Source: WhatsApp was exposing users’ phone numbers in Google search | Engadget

IBM’s cloud has gone down hard across the world.

We’d love to tell you just how hard the service has hit the dirt, but even the Big Blue status page is intermittently unavailable:

IBM Cloud status page … Click to enlarge

Your humble hack has an IBM Cloud account, and when attempting to login in the hope that a customer-facing page could offer some information, he saw only the following error message:

Click to enlarge

IBM’s social feeds are silent on the outage at the time of writing.

One Australian IBM Cloud user told us that the outage has run for at least two hours, and means he is unable to deliver business services that customers depend on as they start their days. The breakdown is said to be global.

Clients are mad as hell because the blunder appears to have hit after business hours on the east coast of America, and IBM has not been responsive.

@IBMcloud we understand networking is a complicated thing and sometimes ‘shit happens’. But in some parts of the world is really late, and there’s people on duty after hours so… a short briefing message would be much appreciated, because right now this is what i’m visioning pic.twitter.com/8SreDv73sB

— mani (@spiralpain) June 9, 2020

All my customers impacted globally.. not sure how will I be able to convince them to host their applications on @ibmcloud again ? 40 Minutes.. hard down. .even their status page is intermittently unavailable…

— Constable सत्यान्वेशी !!!!! (@GoFindTheTruth) June 9, 2020

The Register has asked IBM to explain the outage, and we will update this story if and when more information becomes available. ®

Updated to add at 0020 UTC on June 10

The user we spoke to earlier tells us that their IBM-hosted services have come back to life. However, the IBM Cloud status page is still not working, and when this vulture tried to view it or to log on, this appeared…

Your cloud is important to us. If you’d like to know more, press refresh for an hour or more.

Final update at 0140 UTC on June 10

The IBM Cloud’s status page is live again, and users can log in once more.

The status page lists fifteen active events though offers almost no detail other than the admission that: “Technical teams are engaged and have identified a broad network incident that is impacting many cloud services.” That information appears in a notification titled “Watson Platform users are unable to access console or applications in all regions.”

Source: From off-prem to just off: IBM Cloud goes down planet-wide so hard even the status page didn’t work • The Register