Cyber-Attack Hits Japan’s Largest Defence Contractor

A major Japanese defence contractor discovered cyber-attackers had breached its computer network in August. The company says it is not clear yet what has been compromised.

Approximately 45 servers and 38 computers were infected with malware at ten facilities located throughout Japan and its Yokohama headquarters, Mitsubishi Heavy Industries told Reuters. Japan’s largest defence contractor discovered at least eight different pieces of malware, including data-stealing Trojans, were used in the 11 August attack.

Attacks Focus On Warships

Affected facilities included Kobe Shipyard & Machinery Works, a manufacturing plant in southwest Japan which builds submarines and components to build nuclear power stations, Nagasaki Shipyard & Machinery Works, which makes escort ships, a shipbuilding yard for destroyers in Nagoya, located in central Japan, and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.

“There is no possibility of any leakage of defence-related information at this point,” a Mitsubishi Heavy spokesperson told Reuters. The news agency said major Japanese newspaper Yomiuri is reporting that some information was moved around on Mitsubishi’s computers which contained information on the company’s nuclear power plant, submarine and missile businesses.

“We’ve found out that some system information such as IP addresses have been leaked and that’s creepy enough,” the spokesperson told Reuters.

After an employee noticed abnormalities in an infected system, outside experts were brought in to investigate, according to Mitsubishi. The company did not know who was responsible for the attack, but an in-depth report on the incident is expected by 30 September, the spokesperson said. Mitsubishi has reported the incident to police and is proceeding with an in-house investigation.

“With over 80 computers compromised, the Mitsubishi Heavy Industries attacks show that once compromised, the internal network can become a playground for sophisticated attackers,” Adam Powers, CTO of Lancope, told eWEEK. Once the attackers are inside the network, detection and remediation becomes more difficult, he said.

Defence Industry Targeted

Mitsubishi Heavy Industries makes warships, submarines and other-defence related equipment. The Japanese constitution prohibits the company from exporting weapons, but there are exemptions for companies who are working with other countries on joint research and development of anti-missile defence systems. The contractor works with Raytheon to make weapons such as surface-to-air Patriot missiles and AIM-7 Sparrow air-to-air missiles, and with Boeing to supply parts for 787 Dreamliner jets and F15J fighter jets.

In May, several defence contractors in the United Stateswere hit by cyber-attackers, including Lockheed Martin, L-3 Communications and Northrop Grumman. It appears that some classified information about a top-secret weapons system had been stolen. US Deputy Defence Secretary William Lynn has stated publicly that a foreign intelligence agency had been behind the attacks on defence contractors.

The attack on Lockheed Martin has been confirmed to have used the information about SecurID two-factor authentication technology that had been stolen earlier in the year from EMC’s RSA Security.

“Cyber-criminals, whether state-sponsored or not, are interested in stealing sensitive information which could have more than a financial value,” Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog. Organisations would be “foolish” to ignore these threats, Cluley added.

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Share
Published by
Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.
Tags: cyber-war

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago