Mitsubishi Heavy Industries is one of Japan’s largest defense manufacturers, producing many vehicles including not only the AEGIS-equipped Kongō-class destroyers, the Type-90 and Type-10 main battle tanks and the F-2 jet fighter, but also the launch vehicles for Japan’s satellites. It appears that 80 of its computers (across several sites) have been compromised by a computer virus. Reuters reports:
Japan’s biggest defense contractor, Mitsubishi Heavy Industries Ltd, said on Monday hackers had gained access to its computers, with one newspaper saying its submarine, missile and nuclear power plant component factories had been the target.
The company said in a statement that some information could have been stolen in the first known cyber attack on Japan’s defense industry.
“We’ve found out that some system information such as IP addresses have been leaked and that’s creepy enough,” said a Mitsubishi Heavy spokesman.
“We can’t rule out small possibilities of further information leakage but so far crucial data about our products or technologies have been kept safe,” he said, adding the company first noticed the cyberattack on August 11.
The Yomiuri newspaper said about 80 virus-infected computers were found at the company’s Tokyo headquarters as well as manufacturing and research and development sites, including Kobe Shipyard & Machinery Works, Nagasaki Shipyard & Machinery Works and Nagoya Guidance & Propulsion System Works.
Many readers may remember the spate of incidents suffered by the Ministry of Defense and Self-Defense Forces, particularly involving the peer-to-peer file-sharing software Winny, in the mid-2000s. While both the SDF and MoD have increased their awareness of cyber-security, it seems that some of its suppliers have not. In the age of near-ubiquitous internet access, and ever more mobile work platforms, it is increasingly important that the MoD not only secures itself, but also insists upon the security of those it does business with, particularly with the possibility that China is fully aware of the power of cyber-warfare.
A former contributor to World Intelligence (Japan Military Review), James Simpson joined Japan Security Watch in 2011, migrating with his blog Defending Japan. He has a Masters in Security Studies from Aberystwyth University and is currently living in Kawasaki, Japan.
His primary interests include the so-called 'normalization' of Japanese security (i.e. militarization), and the political impact of the abduction issue with North Korea.
James Simpson has 254 post(s) on Japan Security Watch