In early March 2022, Toyota Japan found itself in a challenging situation as it had to halt operations across its 14 production facilities in Japan. The catalyst? A cyber attack that struck one of its critical suppliers. Fast forward to July 2023, and Toyota faced yet another setback when it had to suspend its packaging activities due to a cyber attack at the port of Nagoya. By the end of August 2023, the company was forced to suspend production once more in all 14 of its Japanese plants, citing a "glitch" in its IT system.
As if these incidents weren't enough to raise alarms, just yesterday, Volkswagen reported similar disruptions in their operations. They had to shut down production in certain factories due to a cyberattack that disrupted their IT network at the Wolfsburg headquarters. https://www.scmagazine.com/brief/cyber-incident-disrupts-volkswagens-operations
These examples serve as stark reminders of the intricate connection between Industrial Control Systems (ICS) and Operational Technology (OT) systems with IT networks. Even when a cyberattack isn't directly targeting the production network, its ripple effects can disrupt critical operations. It underscores the imperative need for enhanced ICS/OT security measures to extend into the broader IT network infrastructure. These events serve as a clear "ALARM," highlighting the importance of a comprehensive approach to cybersecurity in today's interconnected industrial landscape.