Tuesday, September 20, 2011

Japan anxious over defence data as China denies hacking weapons maker

Cyberattack at Mitsubishi Heavy Industries worries Tokyo as it keeps information on submarines, missiles and fighter jets.

China has angrily denied suggestions that it was behind a hacking attack targeting Japan's biggest weapons contractor.

Dozens of the firm's computers were infected in what reports suggested was a co-ordinated attack on Mitsubishi Heavy Industries, which may have resulted in the leak of sensitive defence information.

The company, whose military inventory includes submarines, US-designed F-15 fighter jets and surface-to-air Patriot missiles, said that only network information and IP addresses might have fallen into the hackers' hands.

A spokesman for the firm confirmed that 83 computers and servers at 11 locations, including Mitsubishi Heavy's headquarters in Tokyo and shipyards in Nagasaki and Kobe, had been accessed.

Speculation that hackers in China were responsible grew after media reports said Chinese characters had been detected in the attack. But Hong Lei, a Chinese foreign ministry spokesman, told reporters: "The Chinese government has consistently opposed hacking activities. The law strictly prohibits this.

"China is one of the main victims of hacking … criticising China as being the source of the hacking attacks is not only baseless, it is also not beneficial for promoting international co-operation for internet security."

Mitsubishi Heavy was criticised for failing to report the attack, and could face serious financial repercussions if a police investigation reveals that military secrets were divulged.

Under its agreement with the Tokyo government, the company is required to immediately inform authorities of any suspected breach of sensitive or classified information.

Defence officials were reportedly furious after learning of the attacks through recent media reports, about a month after they took place.

"It is up to the defence ministry to decide whether or not the information is important," Professor Yoshiyasu Takefuji, a cybersecurity expert at Keio University in Tokyo, told Reuters.

Takefuji said the breach, the first of its kind involving a Japanese defence firm, had exposed the country's poor state of readiness for cyber-warfare. "This happened a month ago, and it's just in the last few days they realised how bad it was," he said. "They've been dozing for the past month."

Any leak of classified information could result in large fines for Mitsubishi Heavy, which earns a tenth of its revenue from government contracts, often in partnership with US firms such as Lockheed Martin.

The defence minister, Yasuo Ichikawa, said that he was not aware that any important information had been leaked.

Last year, the ministry awarded Mitsubishi 215 contracts worth a combined 260bn yen (£2.1bn), equivalent to almost a quarter of its annual expenditure. "We are not aware of any important data being leaked," he said. "The ministry has business ties with the company, so we will instruct it to review its information control systems."

On Monday night, Japanese media reported that the scandal may escalate after IHI, which builds engine parts for fighter planes, had fallen victim to similar attacks. The Kyodo news agency reported that the websites of several government agencies had been attacked over the weekend.

The national police agency said recent online message boards in China had encouraged hackers to disrupt Japanese websites ahead of the 80th anniversary on Sunday of the Mukden incident, an explosion staged by the imperial Japanese army that led to its invasion of China.

http://www.guardian.co.uk

No comments:

Post a Comment