The unsuccessful cyber-attack on Kawasaki Heavy Industries Ltd. in August was made via the computer system of the Society of Japanese Aerospace Companies, investigative sources said. Police said a bogus email was sent Aug. 26 to an official at major defense contractor Kawasaki Heavy using the email address of an employee at the aerospace industry body. The hacking was unsuccessful as the Kawasaki Heavy official noticed abnormalities after opening an attached file and reported the matter immediately.
Hackers have also targeted Mitsubishi Heavy Industries Ltd. and IHI Corp. — also members of the industry body. Investigators believe the hackers tried to steal corporate data via the industry body’s computer system to get around the formidable firewalls defense contractors have installed to guard against such cyber-attacks. A computer that is used to open file attachments can be forcibly connected to outside systems and data stolen, police said. The contents of the email sent to the Kawasaki Heavy official were the same as a message the industry body employee had sent to a coworker 10 hours earlier.Police believe the employee’s computer was repeatedly hacked and data stolen from email exchanges. No defense or security data were stolen in the cyber-attacks on Mitsubishi Heavy and IHI, according to industry sources.
Industry body’s computers used in cyber-attacks on Kawasaki Heavy, Japan Times, Oct. 16, 2011