Mitsubishi Heavy Industries (MHI), Japan’s primary defense contractor, recently suffered a data breach that may be the first major cyber-attack on Japan’s defense industry to be publicly disclosed, according to a report from Reuters.
The attack, first discovered in early August, is believed to have purloined data from more than 80 virus-infected MHI computers located in the company’s Tokyo headquarters and production sites. Targeted sites include shipyards and machinery works in Nagasaki and Kobe, as well as guidance and propulsion system works in Nagoya, according to a report in the local Yomiuri newspaper cited by Reuters. An analysis of the infected computers found at least eight different Trojans, at least one of which was a key logger.
A company spokesman said that stolen data includes IP addresses for internal systems, and the company isn’t ruling out the loss of other data. However, MHI claims that data about its products and technologies wasn’t compromised in the attack.
The shipyard in Kobe is reported to build submarines and nuclear power plant components and the shipyard in Nagasaki is reported to build escort ships. The factory in Nagoya reportedly produces guided missiles and other propulsion systems.
MHI is Japan’s largest defense contractor, having won some 215 deals worth an estimated 260 billion yen ($3.4 billion).
US defense and government contractors have been the target of cyber crime and espionage for more than a decade. This year alone, defense contracting giants Lockheed Martin and Booz Allen Hamilton have both experienced breaches as have firms, like RSA, that supply government agencies with technology. Though the MHI attack is the first publicized cyber-attack on the Japanese defense industry, its unclear whether it is actually the first successful attack, or just the first one officials know about and will admit to.
