Connect with us

Hi, what are you looking for?



Japanese Defense Contractors Pasco, Kobe Steel Disclose Old Breaches

Japanese defense contractors Pasco and Kobe Steel this week disclosed cyber intrusions they suffered back in 2016 and 2018.

Japanese defense contractors Pasco and Kobe Steel this week disclosed cyber intrusions they suffered back in 2016 and 2018.

Pasco is Japan’s largest geospatial service provider and Kobe Steel is a major steel manufacturer. The two companies disclosed the breaches after Japan’s Ministry of Defense announced last week that two unnamed contractors, in addition to Mitsubishi Electric and NEC, had been targeted in cyberattacks.

Both companies and the Ministry of Defense said that no classified government information was compromised. Pasco also said it had not found any evidence that personal or business information had been exfiltrated, but in Kobe’s case some files may have been stolen.

Kobe said it first identified unauthorized access to its network in August 2016 and again in June 2017 while it was implementing new security measures. Pasco revealed that it had detected a hacker attack in May 2018.

Mitsubishi Electric reported in January that it discovered a breach in June 2019. The attack impacted both employee and corporate data and resulted in the theft of technical and sales materials, and trade secrets.

It has been reported that the attack on Mitsubishi Electric involved exploitation of a vulnerability in Trend Micro’s OfficeScan product. The flaw, tracked as CVE-2019-18187, has been described as an arbitrary file upload issue that could lead to remote code execution. In an advisory published in October 2019, Trend Micro warned that the vulnerability had been exploited in the wild.

In the case of NEC, the company said last month that the initial intrusion occurred sometime after December 2016, but it was only discovered in July 2017. More evidence of a breach was discovered in July 2018.

Advertisement. Scroll to continue reading.

NEC said the attackers gained access to tens of thousands of files, but it had found no evidence that information was leaked.

The attacks on Mitsubishi Electric, NEC and Pasco are believed to have been carried out by Chinese hackers.

Related: China-Linked Group Uses New Malware in Japan Attacks

Related: EU-Japan Deal to Protect Data Exchanges Takes Effect

Related: Japan Firm Says $32 Million Missing in Cryptocurrency Hack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.