September 20, 2011, 1:43 PM — Japan's top defense contractor has confirmed a series of attempts to penetrate its data on missiles, submarines and nuclear power plants using spear-phishing messages carrying malware payloads had infected more than 80 servers as potential entry points.
Mitsubishi Heavy Industries (MHI) discovered the viruses on servers and desktop computers last month and said it had launched a full investigation.
It had not told government officials about the attack, however, as required by Japanese law.
Ministry of Defense spokesmen said they heard about the attack from the local media after it was leaked from anonymous source at MHI.
The Ministry of Defense has ordered Mitsubishi to have its security audited, a process the ministry will monitor and take over, if necessary according to Defense Minister Yasuo Ichikawa, who spoke at a press conference earlier today.
"It's up to the defense ministry to determine whether leaked information is important, " a Defense Ministry spokesman told Reuters. "A report should have been made."
Unlike in the U.S., where corporations have much greater latitude to choose when and whether to inform federal officials of attacks, Japanese manufacturers are required by law to inform the government of attempts at penetration.
Japanese Defense Minister Yasuo Ichikawa said at a news conference today that attackers did not crack into any sensitive information – which is probably just as reliably reassuring a statement as those made by nuclear-energy supervisors who said that the Fukushima nuclear plant was safe and relatively undamaged – during the day or so between the earthquake and tsunami March 11, 2011 and series of three massive hydrogen explosions that began a day later.
between the earthquake and massive explosion xxxxx –
Other reports claimed IP addresses may have been taken but didn't identify any other information that may have been compromised.
No one has claimed responsibility for the attacks which, in addition to the information they targeted, make them more likely to be attempts at espionage than sabotage.
Japanese investigators said they suspect the same Chinese hacking operations that have been successful in penetrating U.S. military and government sites.