The building housing the headquarters of Mitsubishi Electric Corp. in Tokyo’s Chiyoda Ward on Jan. 20 (The Asahi Shimbun)
Multiple cyberattacks likely leaked information from Mitsubishi Electric Corp., a leading electronics equipment maker that is deeply involved in defense, infrastructure and transportation projects, sources close to the company said.
They said the company suspects Tick, a Chinese hacking group, was behind the attacks.
Mitsubishi Electric acknowledged the online intrusions and apologized for the trouble they caused in a statement released on Jan. 20.
The company’s statement said its in-house investigation found that there were no leaks of sensitive data in the defense, electric and railway industries. It also said classified information on technology and vital information about its customers was not compromised.
The statement said it has not confirmed “any damage or impact” from the breach so far, but it did not mention the content of data that might have been leaked nor did it name a possible perpetrator.
“We have confirmed the possibility that personal information and confidential corporate information have leaked after our company’s computer networks were accessed illegally,” the statement read.
The company issued the statement after an article on the breach was carried in The Asahi Shimbun’s morning edition the same day.
According to the sources cited in the article, the company first became aware of the online attacks in Japan in late June, when suspicious activities were detected at a server at its Information Technology R&D Center in Kamakura, Kanagawa Prefecture.
The attack occurred shortly before Mitsubishi Electric started providing a cybersecurity service in July to protect public facilities and office buildings from online attacks.
More than 40 of its servers and more than 120 computer terminals at its Tokyo headquarters and large domestic and overseas offices have been breached since July, according to the sources and the company’s in-house investigation.
The revelation of the cyberattacks came at a time when government officials are increasingly nervous about security arrangements against terrorism and online attacks for the 2020 Tokyo Olympic and Paralympic Games.
Chief Cabinet Secretary Yoshihide Suga acknowledged the attacks on Mitsubishi Electric at a news conference on Jan. 20.
But he said the company reported to the government that there were “no leaks of sensitive data on defense equipment and the power industry.”
Although Mitsubishi Electric’s statement did not go into detail about what the hackers wanted to obtain, the sources told The Asahi Shimbun earlier that the information hacked included not only data of the company but also that of more than 10 government organizations, including the Defense Ministry, the Environment Ministry, the Cabinet Office, the Nuclear Regulation Authority, and the Agency for Natural Resources and Energy.
The hackers also gained access to data on dozens of leading private-sector companies, including those in the power, telecommunications, railway and auto industries, the sources said.
The data contained details of joint projects, negotiations and incoming orders from Mitsubishi Electric’s business partners, as well as documents shared by senior company officials at meetings and the company’s research institute.
The sources said that the way in which the servers and computer terminals were compromised indicates that the cyber-espionage group Tick was behind the attacks.
Tick primarily targets classified defense-related data, but little is known about the group.
Unauthorized access originated at an affiliated company in China, and such activity was later discovered at key offices of Mitsubishi Electric in Japan, the sources said.
The attackers infiltrated the company’s computer networks through hijacked accounts, giving them access to computer terminals used by middle management executives, who have high clearance levels for a wide range of classified information within the company, the sources said.
The hackers sent out data from those terminals over several installments, raising the likelihood that information was leaked, they said.
Author: Matthew DeBord