Upcoming Virtual Event: Cloud Security Summit | July 17 - Register Now
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Defense and Nuclear Information Targeted in Mitsubishi Attack

According to local Japanese media, defense information and nuclear power plant design and safety plans were taken during the attack on Mitsubishi Heavy Industries, which was discovered in August, and disclosed in September.

Japan’s largest defense contractor said in August that it “would continue to strengthen” existing security measures, but believed that it had contained the cyber attack.

According to local Japanese media, defense information and nuclear power plant design and safety plans were taken during the attack on Mitsubishi Heavy Industries, which was discovered in August, and disclosed in September.

Japan’s largest defense contractor said in August that it “would continue to strengthen” existing security measures, but believed that it had contained the cyber attack.

In October however, the company changed its tune some, admitting “the company recently confirmed unintended transferring of some information on the company’s products and technologies between servers within the company.”

Asahi Shimbun is reporting that upon further investigation, Mitsubishi has evidence that not only was data moved around within the company, but the computers at other locations show positive signs that information related to fighter jets and details of nuclear plaint design, equipment, and anti-earthquake measures were taken.

When the scale of the attack was made public, it was disclosed that 83 computers at MHI were compromised, spread out over eleven different locations. Included in the list of locations were the Kobe and Nagasaki shipyards (submarines and destroyers), and the facility in Nagoya, which was developing a guided missile system.

The company, as well as other Japanese and US officials, say that the evidence strongly points to an attack from a nation state, naturally suggesting China. The Communist nation has denied these claims. In September, Mitsubishi Heavy Industries told SecurityWeek that it had no clues as to who was behind the attacks.

Suggested Reading: Breach Forensics: Keeping Things from Going from Bad to Worse

Advertisement. Scroll to continue reading.

In related news, supporting the suspicion of China’s role in the MHI attack, comes the story that around the same time Japan’s defense industry was targeted, law makers were being monitored.

According to reports, and confirmation from senior officials, the usernames and passwords of some 480 members and staff in the Japanese Parliament’s Lower House were compromised for at least a month before the intrusion was discovered. The destination of the harvested credentials was a server in China.

The company manufactures many weapons systems and aircraft including Patriot missiles, under license from Raytheon, F-15J Fighter Jets, under license from Boeing, and several other guided weapons systems.

Related Reading:

Lockheed Martin Acknowledges “Tenacious” Cyber Attack

Three Lessons from the RSA Hack, from a Customer’s Perspective

Foreign Cyber Attack Hits Canadian Government

Guerilla Cyber Warfare: Are We Thinking Defensively?

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Anirban Sengupta has been named the CTO and SVP of Engineering of cloud networking and security firm Aviatrix.

Axonius has named Nick Degnan as its first Chief Revenue Officer and Rob Casselman as its first Chief Customer Officer.

Craig Boundy has left Experian to join McAfee as President and CEO.

More People On The Move

Expert Insights