Yesterday, defense watchers in Japan were told that around 80 computers at Mitsubishi Heavy Industries, one of Japan’s largest defense manufacturers, were compromised by a virus. The Yomiuri followed up on this report by asking if the compromising of the systems in August was the work of foreign spies (roughly translated for our loyal readers):
Mitsubishi Heavy Industries Server Sending Data Abroad On Its Own Accord… to Spies?
Machinery manufacturer Mitsubishi Heavy Industries (Tokyo) was hit by a cyber-attack, servers and computers at the company’s factory, making defense, nuclear energy plant machinery and more, were infected by a computer virus. One part of the problem is that, following the infection, a connection was made to a foreign website and data was sent involuntarily, it was learned from officials on the 19th.
The attackers relayed the data to these foreign sites, possibly allowing them to retrieve information and spread the infection. The Metropolitan Police Department, with the question of whether this was a case of espionage, is investigating possible suspects under violation of the Unauthorized Computer Access Law.
The Ministry of Defense has requested an explanation from Mitsubishi, which builds Japan’s submarines and naval destroyers.
According to officials, a consulting information security company is now investigating the logs of the server and other computers, confirming that connections were made to 14 sites outside the company network without being noticed. Four of those sites logged have servers located outside Japan, in China, Taiwan, the US and India. Also, the transmissions to these suspicious servers took place in only 20 machines.
At the moment, it is unclear whether this is a planned breach of security by an outsider at MHI and how the computers came to be infected – the Yomiuri article doesn’t leave me convinced that this was an act of espionage.
Hopefully this is an accident and hopefully nothing sensitive has been leaked – it has already announced that none such sensitive material leaks have been discovered, but it is unclear how thoroughly they have a grasp on the situation. In the short term, it may force other contractors with the Ministry of Defense to examine their own systems and security, which can only be a good thing for the defense industry here in Japan.
There is no telling yet whether scandal will have any significant impact on Mitsubishi Heavy Industries’ business.
A former contributor to World Intelligence (Japan Military Review), James Simpson joined Japan Security Watch in 2011, migrating with his blog Defending Japan. He has a Masters in Security Studies from Aberystwyth University and is currently living in Kawasaki, Japan.
His primary interests include the so-called 'normalization' of Japanese security (i.e. militarization), and the political impact of the abduction issue with North Korea.
James Simpson has 254 post(s) on Japan Security Watch