We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers hit Japan's biggest defense contractor

Mitsubishi Heavy Industries confirms attack, but claims no secrets were stolen

Japan's largest defense contractor, Mitsubishi Heavy Industries, today acknowledged that scores of its servers and PCs had been infected with malware, but denied that any confidential information had been stolen.

The Daily Yomiuri , citing confidential sources, first reported the attack, which involved as many as eight different types of malware, including Trojan horses.

A U.S.-based Mitsubishi spokesman confirmed that the company had uncovered a large-scale intrusion that had planted malware on 45 servers and an additional 38 individual PCs in several locations around Japan.

Servers at Mitsubishi's Kobe shipyards, where the company builds diesel-electric submarines and components for nuclear power plants; at the company's Nagasaki shipyards; and at its Nagoya plant, which designs and manufactures missile guidance systems, were among those compromised, the spokesman said.

Mitsubishi Heavy's corporate headquarters in Yokohama was also affected by the infection.

"This is certainly the first incident [at Mitsubishi] of this magnitude," the spokesman admitted.

According to a Japanese-language statement issued by Mitsubishi on Monday, the infection was detected in mid-August and has been under investigation since then.

"Mitsubishi IP addresses had been disclosed, but [the attack] was caught at an early stage," said the U.S. spokesman, who added that the investigation had not turned up evidence that data had been pilfered from the compromised servers.

The attack against Mitsubishi followed others this year aimed at U.S. defense contractors, including Lockheed Martin , which manufactures the F-22 Raptor and F-35 Lightning II fighter aircraft. The Lockheed attack was carried out using information stolen earlier from RSA Security, the branch of EMC that produces the SecurID two-factor authentication token used by thousands of contractors and corporations to secure their networks.

Enterprise systems are often infected after attackers target individuals by sending them malware-infected business files, such as malicious Microsoft Excel spreadsheets or Word documents.

Other defense organizations were also targeted by the same malware-infected files that were used to hack into RSA's network.

Mitsubishi's spokesman said that the company had not pinpointed the origin of the attacks, but most experts have argued that Chinese hackers, perhaps supported by the Communist government, were responsible.

According to Defense News, Mitsubishi Heavy was the world's 26th-largest defense contractor in 2010.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer , or subscribe to Gregg's RSS feed . His e-mail address is [email protected] .

Read more about security in Computerworld's Security Topic Center.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model