Cyber-attacks on the major Japanese defense contractors Kawasaki Heavy Industries Ltd. and Mitsubishi Heavy Industries Ltd. both appear to have involved the same U.S.-based website.
In an apparently unsuccessful incursion, an employee at Kawasaki Heavy received an e-mail message and attachment at around 9:30 p.m. on Aug. 26 purporting to be from an e-mail address of the Society of Japanese Aerospace Companies (SJAC).
The content of the e-mail presented itself as an authentic message from the society, but the attachment contained malicious software that automatically connected the recipient's computer to the U.S. website involved in cyber-attacks against Mitsubishi Heavy.
The Kawasaki Heavy employee opened the e-mail's attachment but severed the connection immediately after becoming suspicious. Police sources said Kawasaki Heavy had not identified any lost confidential information.
The e-mail infected with viruses sent to the Kawasaki Heavy employee used the title and part of a document sent by a SJAC staff member around 11:30 a.m. on Aug. 26 in connection with a meeting.
Investigators' attention is now focused on a computer used by a different SJAC member. That computer was found to be infected with viruses and it is suspected that the content of its e-mail system was being stolen over a long period of time. The user was apparently not aware of the infection and received the original e-mail from the SJAC staff member.
Police are investigating the case on suspicion that the Kawasaki Heavy attack was launched in an attempt to steal information from an advanced defense contractor through the SJAC.
The SJAC, an industry organization based in Tokyo's Minato Ward, does not handle classified information and is said to have a relatively lax security system compared with defense contractors.
- « Prev
- Next »