Japanese defense industry body target of cyberattack

A hacker stole email addresses from the Society of Japanese Aerospace Companies (SJAC), which lists executives of defense contractors as its directors, and then retrieved the contents of emails from Kawasaki Heavy Industries Ltd., the sources said.

The culprit apparently did this by using a virus planted on the computer of an international telephone service company.

The cyberattack follows a similar attack on Tokyo-based Mitsubishi Heavy Industries Ltd. Both Mitsubishi Heavy Industries and Kawasaki Heavy Industries are members of SJAC.

The sources said the email used in the attack on Kawasaki Heavy Industries was sent in the evening of Aug. 26 under the name of a SJAC executive from a major electronics manufacturer.

The email was titled, "Prior distribution of documents," and included a file attachment called, "Comments on lump sum procurement."

The text of the email was mostly copied from an email the executive actually sent to other officials about 10 hours before the fake email was sent.

The Metropolitan Police Department and other concerned authorities assume the hacker aimed to spread the virus throughout the defense industry through SJAC.

The police investigation found that the personal computer of one official who received the email was infected with the virus. Some information was found to have been stolen, they said.

Kawasaki Heavy Industries suffered similar attacks in June and July.

In both cases, the hacker posed as an official of a company in Kanagawa Prefecture that manufactured aircraft parts.

The fake email this time was sent via an international telephone service company in Chuo Ward, Tokyo.

The police checked the company's computer and found it was infected with a computer virus and that it was used by the hacker to provide false identification.

The police also found the company's computer had sent transmissions to the SJAC's server without the knowledge of the society officials.

They found that the SJAC's computer had been infected with the virus a long time ago and assumed email contents and other data had been stolen over the same period.

A senior police official said, "The hacker targeted the industry association, which has inadequate security. We assume the hacker attempted to use it to spread computer viruses throughout the nation's defense industry."

The SJAC has 91 member companies, including aeronautics- and space-related companies, and is supported by 49 other companies, such as trading firms importing defense equipment.

(c)2011 The Yomiuri Shimbun (Tokyo)
Distributed by MCT Information Services