Japan's defense industry hit by its first cyber attack

TOKYO Mon Sep 19, 2011 4:53am EDT

TOKYO (Reuters) - Japan's biggest defense contractor, Mitsubishi Heavy Industries Ltd, said on Monday hackers had gained access to its computers, with one newspaper saying its submarine, missile and nuclear power plant component factories had been the target.

The company said in a statement that some information could have been stolen in the first known cyber attack on Japan's defense industry.

"We've found out that some system information such as IP addresses have been leaked and that's creepy enough," said a Mitsubishi Heavy spokesman.

"We can't rule out small possibilities of further information leakage but so far crucial data about our products or technologies have been kept safe," he said, adding the company first noticed the cyberattack on August 11.

A Japanese defense white paper released last month urged vigilance against cyber attacks after a spate of high-profile online assaults this year that included Lockheed Martin and other U.S. defense contractors.

There were suggestions at the time that those attacks had originated in China.

The Yomiuri newspaper said about 80 virus-infected computers were found at the company's Tokyo headquarters as well as manufacturing and research and development sites, including Kobe Shipyard & Machinery Works, Nagasaki Shipyard & Machinery Works and Nagoya Guidance & Propulsion System Works.

Kobe Shipyard currently builds submarines and makes components to build nuclear power stations, while the Nagasaki Shipyard makes escort ships. The Nagoya plant makes guided missiles and rocket engines, the paper said citing unnamed sources.

At least eight different kinds of computer virus including Trojan horse, which steals key information from infected computer hardware, were found at Mitsubishi Heavy's main office or production sites, the Yomiuri said.

It is the country's biggest defense contractor, winning 215 deals worth 260 billion yen ($3.4 billion) from Japan's Ministry of Defense in the year to last March, or nearly a quarter of the ministry's spending that year.

Weapons included surface-to-air Patriot missiles and AIM-7 Sparrow air-to-air missiles.

Mitsubishi Heavy has also been working closely with Boeing, making wings for its 787 Dreamliner jets.

"It's probably just the first that hacking attacks in Japan have been detected. It's consistent with what we've seen already with big American defense companies," Andrew Davies, a cyber-warfare analyst with the government backed defense think-tank, the Australian Strategic Policy Institute, told Reuters.

"The Japanese make large conventional submarines that are among the world's most sophisticated ... (they) have very nicely integrated solutions with their own mechanical, electronic and control systems, so it a pretty attractive hacking proposition, to get the design of a Japanese submarine," he added. ($1 = 76.875 Japanese Yen)

(Additional by Rob Taylor in Canberra, Editing by Jonathan Thatcher)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (1)
Aeandevil wrote:
Was it the zero-day SCADA attacks that were used to infiltrate this site?
—Probably. Wait reuters you will have plenty of stories like this, A patch has yet to come out and its not like the security features could be implemented on day-one without extensive testing. With these security holes in these manufacturing and power plant systems it will not be long before someone injects a stuxnet like virus to create some real chaos. Entities with more motivation than just for the lulz.

Sep 19, 2011 6:01pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.