Hackers steal data on nuclear plants and fighter jets

Filed Under: Data loss, Malware

PlansA high-tech military contractor, which suffered an attack from hackers earlier this year, is reported to have lost sensitive data related to defence equipment including fighter jet planes and nuclear power plant plans.

The Ashai Shimbun claims that when Mitsubishi Heavy Industries was hit by an attack earlier this year sensitive data and plans were also stolen from the company's network.

The news report claims that sources told it that an investigation had discovered information about fighter jets, helicopters and nuclear power plant design and safety plans, could have been stolen following a malware infection.

According to reports, checks on Mitsubishi Heavy computers have uncovered evidence that information was transmitted via them to parties unknown.

Kobe shipyardMitsubishi Heavy Industries, Japan's biggest defense contractor, revealed that it had suffered a malware attack in August which affected network servers and PCs at ten facilities across Japan, including its submarine manufacturing plant in Kobe and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.

The firm was criticised for not reporting the security breach to Japan's Defence Ministry until a month later, when details emerged in the press.

At the time, a Mitsubishi spokesperson said that "there is no possibility of any leakage of defense-related information at this point."

A large question mark remains regarding who was responsible for the targeted attack on Mitsubishi Heavy Industries.

Earlier this year there were a series of cyber attacks against US military contractors, including Lockheed Martin, L-3 Communications and Northrop Grumman, and US Deputy Defense Secretary William Lynn publicly claimed that a foreign intelligence agency was behind a hack attack that stole classified information about a top secret weapons system.

Whoever it was who attacked Mitsubishi Heavy Industries, and whatever their motive, it's clear that all organisations need to take their computer security very seriously.

Cybercriminals, whether state-sponsored or not, are interested in stealing sensitive information which could have more than a financial value. You would be foolish to ignore such a threat. As such, it's essential that you ensure that your organisation has strong defences in place to reduce the risk of attack.

, , , , , ,

You might like

4 Responses to Hackers steal data on nuclear plants and fighter jets

  1. Oliver V · 1041 days ago

    Typo: At the time, a Mitsubishi spokesperson said that that... (there's an extra "that")

    Good write up though. I'm currently in college pursuing a career in computer security and I may end up working for a defense contractor someday. I just hope that it's not as stressful as it seems with all the news of these recent attacks.

  2. David K. M. Klaus · 1035 days ago

    I don't understand why computers with data such as this are connected to the web in the first place. If you have material requiring a level of secrecy on your computer, you computer shouldn't be on the web where it can be compromised. Period.

    How can people so smart be so dumb at the same time?

  3. Chris Fournier · 1035 days ago

    Companies with data this sensitive should have a security admin on at all times watching the logs. No matter how good your security is, there are people who can crack it. It takes both good security measures, and eyes on the logs to prevent problems like this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.