20 Sep 2011

Japan demands probe into Mitsubishi Heavy cyber attack

Japan tells its biggest weapons maker, Mitsubishi Heavy Industries, to investigate a cyber attack on the company’s computer network, warning it may have breached its contracts with the military.

Workers look at a rocket at the Mitsubishi Heavy Industries factory (Getty)

Mitsubishi Heavy Industries has admitted viruses were found on more than 80 of its computers and servers last month.

But government officials only found out about the cyber attack from local press reports on Monday.

The Japanese government has warned Mitsubishi Heavy that its failure to notify officials about the attack before it was leaked to the media could threaten its contracts to supply billions of dollars of equipment to the military.

“It’s up to the defence ministry to decide whether or not the information is important. That is not for Mitsubishi Heavy to decide. A report should have been made,” a spokesman said.

Under the terms of an agreement between the government and contractors, companies must promptly inform officials of any breach of sensitive or classified information.

Mitsubishi Heavy shares plunged almost 4 per cent following the announcement.

First such attack in Japan

Professor Yoshiyasu Takefuji, a cyber security expert at Keio University, said this was the first example of defence-related cyber attack in Japan and had to be taken seriously.

It’s up to the defence ministry to decide whether or not the information is important. That is not for Mitsubishi Heavy to decide. Japanese Defence ministry spokesman

“This happened a month ago, and it’s just in the last few days they realized how bad it was,” he said.

Mitsubishi Heavy, which has built the US-designed F-15 fighter jet and missile systems including Patriot batteries under licence, said on Monday that computer systems had been accessed and some network information, such as IP addresses, may have been leaked.

Defence Minister Yasuo Ichikawa said he had so far received no reports of classified information being stolen.

He did not say what information was at risk.

Mitsubishi Heavy won 215 deals worth $3.4bn from Japan’s Defence Ministry in the year to last March. That is equivalent to about a quarter of the defence ministry’s annual budget.

It is not the first time security has been breached at the company. Nuclear reactor test data was lost in 2006 and information about its Mitsubishi Heavy fighter jets was leaked in 2003.

Other military contractors targeted

A second military contractor, IHI Corp , which supplies engine parts for fighter planes, has also raised concerns over hacking due to a growing number of suspicious emails sent to staff.

Kawasaki Heavy Industries, which makes airplanes and rocket systems, has also been receiving virus-tainted emails, according to a company spokesman.

A Japanese defence white paper released last month urged better protection against cyber attacks after a spate of high-profile online assaults this year that included Lockheed Martin and other US defence contractors.

A Chinese Foreign Ministry spokesman rejected suggestions that China may have been involved in the cyber hacking.

“The Chinese government has consistently opposed hacking attack activities. Relevant laws strictly prohibit this,” he said.