Japan’s defense cybersecurity officers are on high alert after two contractors revealed they have suffered data breaches in recent years. A couple of weeks ago, Taro Kono, Japan’s defense minister, revealed that some army-linked organizations had been attacked.
Just a few days ago, the US Department of Defense
revealed that the Defense Information Systems Agency (DISA)
also suffered a data breach that compromised confidential information from
members and contractors.
The two affected companies are Pasco and Kobe
Steel, which provide geospatial surveying services. In both cases, the
companies’ networks were infected with a malware variant to extract sensitive
information and files. Previously, the Ministry of Defense recognized that
Mitsubishi Electric and NEC firms also experienced similar cybersecurity
The attack on Mitsubishi could seriously affect
the interests of the Defense of Japan, as the company is deeply involved in
multiple technology and infrastructure projects in the Asian country;
unofficial versions claim that the attackers extracted more than 200 MB of
sensitive information from the company. On the other hand, NCE also confirmed
unauthorized access to its systems, although the company claims that the
attackers failed to extract sensitive information.
There are still no official reports on the
identity of those responsible for the attacks. However, unofficial reports
attribute these attacks to Tick, a well-known Chinese government-sponsored
cybercriminal group. These hackers have engaged in multiple malicious campaigns
throughout the Asian continent, especially targeting Japanese companies.
The suspicions of cybersecurity specialists
stem from a statement from a major Pasco executive, who claims Tick compromised
the company’s networks in 2018. These statements also refer to an exploit in a
trend micro security firm tool used in the affected companies.
Finally, it is not yet clear whether the signatures under attack had not detected data breaches, or simply decided not to notify the authorities, a likely scenario since Japan lacks legislation on reporting cybersecurity incidents. According to the International Institute of Cyber Security (IICS), similar incidents highlight the need for data protection and incident reporting legislation.