A major Japanese defence contractor discovered cyber-attackers had breached its computer network in August. The company says it is not clear yet what has been compromised.
Approximately 45 servers and 38 computers were infected with malware at ten facilities located throughout Japan and its Yokohama headquarters, Mitsubishi Heavy Industries told Reuters. Japan’s largest defence contractor discovered at least eight different pieces of malware, including data-stealing Trojans, were used in the 11 August attack.
Affected facilities included Kobe Shipyard & Machinery Works, a manufacturing plant in southwest Japan which builds submarines and components to build nuclear power stations, Nagasaki Shipyard & Machinery Works, which makes escort ships, a shipbuilding yard for destroyers in Nagoya, located in central Japan, and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.
“There is no possibility of any leakage of defence-related information at this point,” a Mitsubishi Heavy spokesperson told Reuters. The news agency said major Japanese newspaper Yomiuri is reporting that some information was moved around on Mitsubishi’s computers which contained information on the company’s nuclear power plant, submarine and missile businesses.
“We’ve found out that some system information such as IP addresses have been leaked and that’s creepy enough,” the spokesperson told Reuters.
After an employee noticed abnormalities in an infected system, outside experts were brought in to investigate, according to Mitsubishi. The company did not know who was responsible for the attack, but an in-depth report on the incident is expected by 30 September, the spokesperson said. Mitsubishi has reported the incident to police and is proceeding with an in-house investigation.
“With over 80 computers compromised, the Mitsubishi Heavy Industries attacks show that once compromised, the internal network can become a playground for sophisticated attackers,” Adam Powers, CTO of Lancope, told eWEEK. Once the attackers are inside the network, detection and remediation becomes more difficult, he said.
Mitsubishi Heavy Industries makes warships, submarines and other-defence related equipment. The Japanese constitution prohibits the company from exporting weapons, but there are exemptions for companies who are working with other countries on joint research and development of anti-missile defence systems. The contractor works with Raytheon to make weapons such as surface-to-air Patriot missiles and AIM-7 Sparrow air-to-air missiles, and with Boeing to supply parts for 787 Dreamliner jets and F15J fighter jets.
The attack on Lockheed Martin has been confirmed to have used the information about SecurID two-factor authentication technology that had been stolen earlier in the year from EMC’s RSA Security.
“Cyber-criminals, whether state-sponsored or not, are interested in stealing sensitive information which could have more than a financial value,” Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog. Organisations would be “foolish” to ignore these threats, Cluley added.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…