The Daily Yomiuri has a translation of an article from yesterday’s Japanese edition on the increasingly worrying extent of the penetration of Mitsubishi Heavy Industries’ computer systems following the discovery that a significant number of its servers and workstations had been hit by a virus:
Information on a domestically developed air-to-ship missile may have been leaked in cyber-attacks on Mitsubishi Heavy Industries, Ltd., according to sources close to the case.
The information on the Type 80 missile is suspected to have been leaked in one of the about 300,000 illegal accesses to the server installed at MHI’s Nagoya Guidance and Propulsion Systems Works in Komaki, Aichi Prefecture, the sources said.
The nation’s largest comprehensive heavy machinery maker, however, denied any information had been compromised.
“We haven’t yet confirmed any data leak on our products and technologies and we will continue our investigation,” an MHI spokesman said.
The compromised data is restricted but not secret, and it is in Mitsubishi’s best interest to keep denying that any data was retrieved, but it seems likely that some other restricted reports might also have been transferred by the infected systems.
At first glance, 300,000 instances of illegal access seems to be an excessively high number of instances, suggesting that the data-mining efforts were automated.
Again, details are thin on the ground, and no doubt will remain that way to all but MHI and MoD officials. It remains a worrying event, but the lessons to be learned will help Japan’s defense industry secure itself against possibly more organized and deeper-penetrating attacks in the future.
A former contributor to World Intelligence (Japan Military Review), James Simpson joined Japan Security Watch in 2011, migrating with his blog Defending Japan. He has a Masters in Security Studies from Aberystwyth University and is currently living in Kawasaki, Japan.
His primary interests include the so-called 'normalization' of Japanese security (i.e. militarization), and the political impact of the abduction issue with North Korea.
James Simpson has 254 post(s) on Japan Security Watch