| Recurring |
multiple_organization |
(a) The software failure incident at Honda is not explicitly mentioned to have happened again within the same organization in the provided article [101219].
(b) The article mentions a similar incident involving a computer virus hitting Japanese automaker Honda, disrupting its internal computer networks. This incident is not unique to Honda as previous assaults on Japanese corporations have been aimed at disrupting communications or stealing data [101219]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident at Honda was likely due to contributing factors introduced during the design phase. The attack was carried out by software designed to attack the control systems for industrial facilities like factories and power plants, indicating a sophisticated level of planning and design by the attackers [101219].
(b) The software failure incident at Honda could also be attributed to contributing factors introduced during the operation phase. Speculation has centered around a possible breach related to remote working policies put in place after the beginning of the coronavirus pandemic, suggesting that the operation or misuse of systems, such as remote access to internal networks, may have facilitated the introduction of the virus [101219]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident at Honda was likely due to a computer virus that penetrated the internal server and spread within the company's networks, disrupting operations and forcing the shutdown of factories globally [101219]. The attack was identified when employees could not open their email or files, indicating that the virus had infiltrated the internal systems of Honda [101219].
(b) outside_system: Speculation has arisen that the software failure incident at Honda may have been facilitated by a possible breach related to remote working policies implemented during the coronavirus pandemic. It is suggested that a system providing remote access to internal networks could have created an opportunity for hackers to introduce the virus from outside the system [101219]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident at Honda was caused by a computer virus, which disrupted the internal computer networks and control systems for industrial facilities like factories and power plants [101219]. This incident was likely a result of non-human actions, as the virus was designed to attack these systems without direct human involvement.
(b) Speculation has centered around a possible breach related to remote working policies put in place after the beginning of the coronavirus pandemic as a potential human action that may have contributed to the software failure incident at Honda [101219]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident at Honda was not attributed to hardware issues but rather to a computer virus that disrupted the internal computer networks, affecting the control systems for industrial facilities like factories and power plants [101219].
(b) The software failure incident at Honda was caused by a computer virus that targeted the company's internal networks, disrupting operations and forcing the shutdown of factories across the globe. The attack was carried out by software designed to attack control systems for industrial facilities, indicating a failure originating in software [101219]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident at Honda was malicious in nature. The incident involved a computer virus attack on Honda's internal computer networks, disrupting operations across global factories and leaving employees unable to access email or internal servers. Cybersecurity analysts indicated that the attack was carried out by software designed to target control systems for industrial facilities, with the potential to bring factories to a halt or disrupt power grids. The attack was identified as a ransomware meant to disrupt industrial systems, indicating a malicious intent to disrupt operations [101219].
(b) The incident was not non-malicious as it involved a deliberate attack on Honda's systems with the objective of disrupting operations and potentially causing significant harm. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The software failure incident at Honda was likely due to poor decisions related to cybersecurity practices. The attack was carried out by software designed to attack control systems for industrial facilities, a capability previously only known to be used by state agents. The attack disrupted Honda's internal computer networks, leading to the shutdown of factories across the globe and leaving employees cut off from email or internal servers. Speculation has centered around a possible breach related to remote working policies put in place after the beginning of the coronavirus pandemic, suggesting that decisions related to remote access may have opened an opportunity for hackers to introduce the virus [101219].
(b) The software failure incident at Honda could also be attributed to accidental decisions or unintended consequences. The attack was identified when employees could not open their email or files, indicating that the virus had penetrated an internal server and then spread. The company ordered employees not to turn on corporate computers and temporarily shut factories to assess the extent of the damage. The cybersecurity firm Malwarebytes suggested that the tool used in the attack was a relatively new variety of ransomware meant to disrupt industrial systems, in addition to encrypting files, indicating an unintended consequence of the attack [101219]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident at Honda was not attributed to development incompetence. The attack was carried out by software designed to attack control systems for industrial facilities, indicating a sophisticated and intentional cyberattack rather than a failure due to incompetence [101219].
(b) The software failure incident at Honda was accidental in the sense that the virus entered the internal networks, possibly through a breach related to remote working policies implemented during the coronavirus pandemic. The speculation is that a system providing remote access to internal networks may have inadvertently provided an opportunity for hackers to introduce the virus [101219]. |
| Duration |
temporary |
(a) The software failure incident at Honda was temporary. Production at most North American plants was canceled on Monday, resumed at some on Tuesday, and all were back running by Thursday. The last factory, located in Ohio, was reopened on Thursday morning [101219].
The incident was temporary as the company stated that it had "almost entirely recovered" by Friday, and production at the factories was temporarily paused to ensure safety before being resumed [101219]. |
| Behaviour |
omission, other |
(a) crash: The software failure incident at Honda resulted in the shutdown of factories across the globe, leaving employees cut off from email or internal servers. Production was canceled at most North American plants, and work was halted at factories in Brazil, India, and Turkey. The incident caused a disruption in business operations and forced the company to temporarily pause production to assess the extent of the damage [101219].
(b) omission: The virus attack on Honda's internal networks led to disruptions in various operations. For example, the American Honda Finance Corporation was unable to answer calls, fund contracts, provide payoff quotes, or service customer accounts. Additionally, a system that automatically orders parts for dealers was suspended, and dealers were unable to submit new warranty claims [101219].
(c) timing: The incident at Honda involved a timing aspect as well. The attack was identified on a Monday morning in Japan when employees could not open their email or files. The company ordered employees not to turn on corporate computers and temporarily shut factories to assess the extent of the damage. Production at the factories was temporarily paused to ensure safety, and the last factory, located in Ohio, was reopened on Thursday morning [101219].
(d) value: The software failure incident at Honda did not result in a loss of personally identifiable information, according to the company. However, various operations were disrupted, such as the American Honda Finance Corporation being unable to provide certain services to customers [101219].
(e) byzantine: The behavior of the software failure incident at Honda did not exhibit characteristics of a byzantine failure as described in the articles.
(f) other: The software failure incident at Honda involved the use of ransomware meant to disrupt industrial systems, in addition to encrypting files. The attack was identified as a variation of a group of programs called Snake, which was specifically aimed at Honda's internal networks. Speculation suggested that the virus may have entered the networks through a possible breach related to remote working policies implemented during the coronavirus pandemic [101219]. |