Bridgestone tyre factories hit by cyberattack in the Americas

A number of Bridgestone’s tyre factories in North and South America have been hit by cyberattacks resulting in production shutdowns. Some sources have even suggested that the actions are linked to the war in Ukraine.

The news broke at the end of February when the trade union representing tyre factory workers, the United Steelworkers of America (USW), shared that production staff had been sent home. In a now-deleted Facebook post USW 1155L, which represents workers at Bridgestone’s Warren County, Tennessee factory, said: “Warren hourly teammates who are scheduled to work day shift, March 1st, will not be required to report to work (no hit, no pay, or you have the option to take vacation)”.

Bridgestone clarified that it is investigating a “potential incident” and that its resultant actions affected both new tyre and retreading factories in the North and South America:

“Since learning of the potential incident in the early morning hours of February 27, we have launched a comprehensive investigation to quickly gather facts while working to ensure the security of our IT systems. Out of an abundance of caution, we disconnected many of our manufacturing and retreading facilities in Latin America and North America from our network to contain and prevent any potential impact, including those at Warren TBR Plant”, a Bridgestone spokesperson wrote in an official statement, adding:

“Until we learn more from this investigation, we cannot determine with certainty the scope or nature of any potential incident, but we will continue to work diligently to address any potential issues that may affect our operations, our data, our teammates, and our customers.”

However, Bridgestone declined to give further details of either how many factories were affected by the initial attack or by its subsequent preventative measures.

What we do know is that, at the Warren County factory, hourly workers were still not required on 2 March 2022. One local news report specified that by 2 March union posts were only directing workers in departments such as maintenance and warehouse to report to work. Two days into the shutdown, Bridgestone reported that its teams continued to work to minimise the impact of the attack, with a subsequent statement saying the company is “continuing to execute…robust business continuity plans and established governance process to do everything we can to minimize impact to our customers and teammates”, according to various local news sources.

The good news for Bridgestone is that there seems to be progress: “We are making progress on the investigation towards determining the scope and nature of the incident, and we will continue to work diligently to restart all operations efficiently and safely and to address any issues that may affect our operations, our data, our teammates, and our customers.”

Retaliation related to the Russia-Ukraine war?

The Tennessee Lookout drew parallels with similar cyberattacks at Toyota, which have been linked to the Russia-Ukraine war. In that case, Toyota paused production at all 14 of its Japanese car factories in response to a suspected cyberattack plastic parts and electronic components supplier.

Reuters quoted Japanese Prime Minister Fumio Kishida as stating that Japan is investigating whether Russia was involved: “It is difficult to say whether this has anything to do with Russia before making thorough checks”.

Were that the case, the working theory is that the attacks were a form of retaliation against Japan for its support of sanctions against Russia, which were themselves implemented due to Russia’s invasion of Ukraine.

Bridgestone Americas operate dozens of facilities across North America, Central America and the Caribbean, with a workforce of over 50,000.