THE ASAHI SHIMBUN
February 7, 2020 at 16:45 JST
Kobe Steel Ltd.’s office in Tokyo (Asahi Shimbun file photo)
The Defense Ministry on Feb. 6 revealed the names of two companies whose computer networks were accessed illegally, a rare disclosure that sheds light on the extent of cyberattacks committed against the ministry’s contractors.
The ministry said classified and other data designated as “secret” were not leaked in the cyberattacks against Kobe Steel Ltd. and aerial surveying company Pasco Corp.
Kobe Steel has sold submarine parts to the ministry while Tokyo-based Pasco provides topographical charts and images taken by satellites and aircraft.
Kobe Steel became aware of the attack in August 2016, while Pasco noticed the illegal access in May 2018, the ministry said. In both cases, computers used by company employees were infected with viruses through internet connections.
Defense Minister Taro Kono said at a news conference on Jan. 31 that four companies that do business with the ministry had been targeted by hackers.
At that time, Kono named Mitsubishi Electric Corp. and NEC Corp., both of which had already gone public about the attacks. He did not disclose the names of the other two companies.
Mitsubishi Electric and NEC officials said they suspect Chinese hacker groups were responsible for the intrusions. They also said they found no evidence that secret defense information had been leaked.
SECURITY TIGHTENED
Kobe Steel said it tightened its security measures after suspecting illegal access in 2016, but it found another breach in June 2017.
The company said its investigation found the possibility that ministry-related information had been leaked, and it issued an apology.
Pasco, a company under the umbrella of leading security firm Secom Co., said an outside investigation pointed to a China-affiliated hacker group as the likely perpetrator of the cyberattack.
Pasco has issued a statement pledging to tighten security and to work on preventive measures.
The ministry said it also investigated the attacks after receiving reports from the two companies.
DISCLOSURE SYSTEM PROPOSED
Hiroki Iwai, a cybersecurity specialist, welcomed the government’s change in stance in disclosing the two company names.
“It is meaningful to enlighten society that the threat of cyberattacks exists everywhere,” he said.
Iwai said that such a disclosure system is ideal because defense and important infrastructure affect security and other national interests.
“The government should create a foundation that allows companies to more easily disclose cyberattack damage, such as setting up guidelines about what information can be released,” Iwai said.
EDITORIAL: To prepare for next cyberattack, entities must work together
January 27, 2020
Mitsubishi Electric: Possible data leak from huge cyberattack
January 20, 2020
NEC reports illegal access to server for its defense projects
January 31, 2020
Hacker contest planned to locate defenders of cyberspace
October 23, 2019
Stories about memories of cherry blossoms solicited from readers
Cooking experts, chefs and others involved in the field of food introduce their special recipes intertwined with their paths in life.
A series based on diplomatic documents declassified by Japan’s Foreign Ministry
A series on the death of a Japanese woman that sparked a debate about criminal justice policy in the United States
A series about Japanese-Americans and their memories of World War II
Here is a collection of first-hand accounts by “hibakusha” atomic bomb survivors.
