WannaCry was based on an NSA exploit that was leaked on the Web by a group known as Shadow Brokers in April. The worm was weaponised with ransomware that encrypted files on Windows computers and then demanded a ransom.
A Reuters report said the plant in question builds models like the Accord, Odyssey Minivan and Step Wagon compact multipurpose vehicle and about 1000 vehicles emerge from its premises each day.
The report did not say how the WannaCry infection had occurred, long after the rest of the world saw its progress halted. The worm was stopped in its tracks when a British researcher registered a domain which he had noticed in the code of the malware.
|
|
However, apart from the Sayama plant, no other production unit was affected and work at Sayama was resumed on Tuesday, she said.
Renault and Nissan were also hit by WannaCry and work was interrupted in Japan, Britain, France, Romania and India.
Commenting on the incident, Gavin Millard, technical director at security firm Tenable, said: "That the exploitation of MS17-010 through WannaCry and other derivatives is still causing a problem is hardly surprising. Conflicker and MS08-67, the main vulnerability it exploited, is still popping up on occasion nine years after it began infecting millions of systems around the world.
"To reduce the probability of being infected by ransomware, and more concerning a targeted attack leveraging the same vulnerabilities, continuous visibility into the vulnerability status of every asset in the modern computing environment is critical in reducing the available attack surface.
"Of course, just patching these bugs isn’t always simple, as it could cause disruption to the organisation. If that is the case, then compensating controls must be put in place and proper, risk-based decisions must be made.
"Put simply if you can’t patch it, protect it, and if you can’t do either then prepare to pay."
