Cyber-attack from server in China targets Lower House

October 25, 2011

A cyber-attack mounted from a server in China apparently stole user ID codes and passwords of Lower House members and their secretaries who use the chamber's computer network, The Asahi Shimbun has learned.

It gave the hackers access to e-mails and documents possessed by the chamber's 480 lawmakers and other personnel for at least one month through late August, sources said.

The Lower House Committee on Rules and Administration opened an extraordinary meeting of its subcommittee on Oct. 25 and decided to set up a headquarters at the Lower House secretariat to investigate the case.

Yorihisa Matsuno, chairman of the subcommittee, told a news conference that the headquarters will report any violation of the law to police.

It will also ask all Lower House members to change their passwords for Internet use, although they are asked to do that once every three months.

Chief Cabinet Secretary Osamu Fujimura said on Oct. 25 that the Cabinet Secretariat's information security center and police are looking into the case.

"A response to cyber-attacks is an important challenge in terms of national security and crisis management," Fujimura told a news conference. "We want to take all possible measures."

The cyber-attack likely targeted confidential information on national politics, such as foreign and defense policies.

A server computer in the Lower House and office-use personal computers for lawmakers were infected with a computer virus after a Lower House member opened a file attached to an e-mail message at the end of July, the sources said.

The Trojan horse virus was designed to bring in, from a server computer in China, a program for stealing passwords and other data, the sources said.

The program attacked the Lower House server computer, breaching the antivirus firewall, when the lawmaker's computer was connected to the chamber's computer network.

The sources said the PCs of other Lower House members and officials were apparently infected after the program stole their ID codes and passwords.

The Lower House secretariat and Nippon Telegraph and Telephone East Corp., which maintains the chamber's server computer, are investigating the case.

Investigators have not found evidence that data on the Lower House server computer or the lawmakers' PCs was stolen or altered, according to the sources.

But the sources said the hackers were able to view the data using the stolen ID codes and passwords without leaving any trace of illegal access.

The lawmaker whose personal computer was first infected told the Lower House secretariat in late August that a virus apparently infected the computer.

The lawmaker's computer was forcibly connected to the server in China by the Trojan horse virus, which then brought in the data theft program.

It will be difficult to identify the culprit because anyone can add or use files on the server in China by accessing a website offering entertainment information on the server. The site was still open as of Oct. 24.

ID codes and passwords for the Lower House members and around 480 state-funded secretaries are stored on the chamber's server computer.

Lower House members use PCs partly for e-mail exchanges with government organizations, political parties and other lawmakers.

Some members also store personal information, such as lists of members of their support groups, accounting books of their political organizations and lists of donations.

The Lower House server computer contains documents on administrative affairs for the chamber.

A spokesperson for the Lower House secretariat declined to comment on a specific case, saying: "We are investigating whether computers and servers are infected with viruses and undoing the damage. We are not aware of any tangible damage, such as data loss."

An NTT East official said the company cannot comment, citing its relationship with the Lower House secretariat.

Cyber-attacks have become more wide-ranging and sophisticated in recent years.

A cyber-attack against Mitsubishi Heavy Industries Ltd., which surfaced in August, was the first full-blown case brought to light in Japan of an attempt to steal company information by infecting its computers with a virus.

Cyber-attacks first became big news in Japan in 2000, when more than 20 websites of central government ministries and agencies and related organizations were altered.

In September 2010, websites of the National Police Agency, the Defense Ministry and the prime minister's office were hit by an attack that directed a huge amount of traffic and slowed down communication speeds after a Chinese trawler rammed two Japan Coast Guard patrol boats off the disputed Senkaku Islands in the East China Sea.

  • 1
submit to reddit
The National Diet Building, right, and the Diet members' office buildings (Asahi Shimbun file photo)

The National Diet Building, right, and the Diet members' office buildings (Asahi Shimbun file photo)

  • The National Diet Building, right, and the Diet members' office buildings (Asahi Shimbun file photo)
  • The Asahi Shimbun

More AJW