Mitsubishi Heavy Industries, Japan’s biggest defense contractor, has revealed that it suffered a hacker attack in August that caused some of its networks to be infected by malware.
The firm – which is involved in a wide range of activities including space rockets, the production of jet fighters, shipbuilding, and running nuclear power plants – said that 45 network servers and 38 PCs became infected with malware at ten facilities across Japan.
The infected sites included its submarine manufacturing plant in Kobe and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.
The Japanese newspaper Yomiuri claimed that at least eight different pieces of malware, including some which stole data, were discovered at Mitsubishi sites.
A Mitsubishi spokesperson, however, was quoted as saying that “there is no possibility of any leakage of defense-related information at this point.”
The company first noticed the attack on August 11th, and expects to have the results of an investigation into the security breach by the end of September.
If Mitsubishi Heavy Industries was targeted by hackers, the obvious question to ask is who was behind the attack and what was the motive?
Earlier this year we saw a series of cyber attacks against US military contractors, including Lockheed Martin, L-3 Communications and Northrop Grumman, and US Deputy Defense Secretary William Lynn publicly claimed that a foreign intelligence agency was behind a hack attack that stole classified information about a top secret weapons system.
Whoever it was who attacked Mitsubishi Heavy Industries, and whatever their motive, it’s clear that all organisations need to take computer security seriously.
Cybercriminals, whether state-sponsored or not, are interested in stealing sensitive information which could have more than a financial value. You would be foolish to ignore such a threat, and must ensure that your organisation has strong defences in place to reduce the risks.Follow @gcluley