Japan Denies Report of ‘State-Backed’ Cyber Attack on Militaryby
State actor may have been involved in attack, Kyodo News says
Strong possibility internal information was exposed: Kyodo
Japan’s Defense Ministry on Monday denied a report that a military computer network had suffered a high-level cyber attack in September, possibly involving a state actor.
A public affairs official at the ministry said the report wasn’t true, and that it receives numerous suspicious e-mails and other forms of contact believed to be cyber attacks on a daily basis. The official, who declined to be named in line with government policy, also said the ministry doesn’t comment on such attacks as that would expose its ability to deal with them.
Kyodo news had cited ministry sources in an earlier report, which said that the hackers didn’t leave a detailed trail and the extent of the damage was unclear. The news agency said the hackers took advantage of the fact that computers at Japan’s National Defense Academy and National Defense Medical College are connected both to a university network and to an internal network linking military bases.
The report also cited senior military officials as saying the attack was viewed as a crisis. Staff at the ministry and the Self-Defense Forces were temporarily banned from connecting to the Internet after the incident became apparent in September, it said.
The reported attack came two-and-a-half years after the SDF set up their own cyber defense unit.
In 2011, a cyber attack on military contractor Mitsubishi Heavy Industries Ltd. was believed to have targeted defense technology, according to the Nikkei newspaper. Japan’s space agency, JAXA, also suffered cyber attacks in 2013, and a naval officer was convicted in 2008 over the unauthorized sharing of information related to the Aegis missile defense system.
"The cost of launching massive, sustained attacks has dropped because computing power is cheap," said Jack Midgley, a consultant with Deloitte Tohmatsu Consulting in Tokyo, which cited Japan as one of the five Asia-Pacific nations most vulnerable to cyber attacks in a report earlier this year.
"That means an attacker can search systematically for any possible opening, and do so undetected," Midgley said. "Defense ministries worldwide are adopting ‘active defense’, in which they constantly attack their own systems, to find and fix weaknesses before malicious actors can. Maybe Japan needs to adopt this same approach."