Japan is latest victim in global military cyber espionage attacks

Largest weapons maker reports attempts on data about missiles, ships, planes

By Kevin Fogarty

One local newspaper reported that Chinese script had been found in one of the viruses, but there is, as yet, no public confirmation of that.

A Chinese foreign minister denied any involvement and repeated China's frequent claim to being more hacked against than hacking.

Even the BBC is aware enough of negative reactions to successful hacks on U.S. military computers to follow China's denial by pointing out that "'fear of the "cyber-dragon' is driving forward a fundamental re-think of US policy which is coming more and more to regard computer hacking as a potential act of war."

The attack followed the same relatively generic pattern as many penetrations of U.S. government computers: phishing messages aimed at specific individuals or any member of a department arrive in wave, urging recipients to open attachments or visit specific Web sites that deliver the malware payload.

Main targets for the attack included a shipyard in Nagasaki that manufactures destroyers, another in Kobe that builds submarines and parts for nuclear power stations and a third in Nagoya that builds missiles.

MHI also builds U.S.-designed F-15s and Patriot Missile batteries under license from U.S. firms.

A second contractor affiliated with MHI – an aircraft-parts maker called IHI Corp. – reported it had been receiving malware-loaded email for months but its security system had filtered them out.

Japanese media reports that some other Japanese web sites had been hit with DDOS attacks, reinforcing demands for greater security made by a government analysis that found holes in the security of some agencies, following an investigation inspired by attacks on U.S. firms including Lockheed Martin and others.

Japanese officials said it's the first instance they know of in which foreign entities have attacked Japanese web sites or data.

Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.