The Japan Times carried a Kyodo Press report on the wider cyber-security scandal today:
The unsuccessful cyber-attack on Kawasaki Heavy Industries Ltd. in August was made via the computer system of the Society of Japanese Aerospace Companies, investigative sources said Saturday.
Police said a bogus email was sent Aug. 26 to an official at major defense contractor Kawasaki Heavy using the email address of an employee at the aerospace industry body. The hacking was unsuccessful as the Kawasaki Heavy official noticed abnormalities after opening an attached file and reported the matter immediately.
Was this SJAC employee the Typhoid Mary of this attack or just a piece in the puzzle? Having stolen his details, data and access, it would have been far easier to convince someone at one of the defense firms to open the email and attachment that led to the infection of their servers. It still not clear whether this was a targeted attempt on Japan’s defense contractors, or simply part of an automated infection.
A former contributor to World Intelligence (Japan Military Review), James Simpson joined Japan Security Watch in 2011, migrating with his blog Defending Japan. He has a Masters in Security Studies from Aberystwyth University and is currently living in Kawasaki, Japan.
His primary interests include the so-called 'normalization' of Japanese security (i.e. militarization), and the political impact of the abduction issue with North Korea.
James Simpson has 254 post(s) on Japan Security Watch