There is this expression – misery loves company. Well, maybe, the group of U.S. defense contractors who have been hacked feel better that they are not alone.
Of course, maybe not.
I am not sure why this information is coming out now, but, if we assume that the groups who are attacking the Japanese are also attacking us, getting information is good.
The Japan Ministry of Defense said that there was an attack on Mitsubishi earlier this year and information related to bidding for defense research contracts was likely stolen in a breach. This happened because Mitsubishi took paper documents that were sensitive, scanned them and put them on their internal network, which was hacked. Mitsubishi didn’t disclose the breach for 6 months, which probably didn’t make the Ministry too happy. They said, surprise, that China was likely behind the attack.
In January 2020, NEC, another Japanese tech company, admitted their network was hacked back in 2016 and the hack was discovered in 2017. The data that was stolen was encrypted, but decrypted in 2018. They discovered that 27,000+ files belonging to NEC’s defense business were stolen.
Recently, Pasco Corp and Kobe Steel who are also defense contractors, disclosed a breach dating back to 2015, followed by a second breach in 2016. Pasco does aerial image surveillance. What might be sensitive there? Kobe sells underwater submarine launch tubes and other parts to Japan’s military.
While I am not clear why we are hearing about breaches dating back to 2015 just now, the range of companies breached is broad.
This likely means that American companies that are anywhere in the defense food chain are likely targets and should increase their level of vigilance.
One unsettling disclosure it that it took some of the companies years to figure that they had been hacked and even more years to figure out what was taken.
Credit: CISO Magazine