Today, the two Japanese defense contractors -Pasco Corporation and Kobe Steel disclosed the security breaches happened in the May 2018 and in June 2015/August 2016.
The geospatial provider and major steel provider also confirm about this authorized access to the internal network and infect the systems in it with malware during the two incidents.
Pasco is a provider of satellite data and Kobe is the supplier of submarines parts for the Japan Self defense forces. As per Pasco, the breach did not lead to the leakage of any defense information. However, the kobe’s statement did not mention anything on it. But, as per Nikkei reports, 250 files with data related to Ministry of Defense and personal info were compromised due to the company’s server hacked.
Japanese Defense Minister, in a press conference on January 31 said, the two companies are the last of the four defense related firms hacked between 2016 and 2019. He also stated in the conference that this is not the matter that is disclosed to the public: “it should be publicly disclosed. It is necessary to get the world to know and think about defenses.”
The other two contractors that were infiltrated by the attackers are Mitsubishi Electric and NEC. Both of them confirmed that their systems were breached by a statement. Mitsubishi disclosed that the breach might lead their personal and confidential corporate info with 200 MB of documents exposed during the attack that took place on June 28, 2019.
NEC said, the servers belong to the defense business unit were accessed without authorization in December 2019 by unknown, but there is no damage like information leakage has been confirmed so far.
“According to people involved, Chinese hackers Tick may have been involved”, Nikkei reported this after the Mitsubishi disclosed the breach.
Asashi Shimbum report says, “at least tens of PCs and servers in Japan and overseas have been found to have been compromised. The hijacked account was used to gain infiltration into the company’s internal network, and continued to gain unauthorized access to middle-managed PCs who had extensive access to sensitive information”.
Tick, also known as bronze Butler and RedBaldNight, is a state backed hacking group with Chinese ties with a focus on information theft and cyberspionage. This group primarily targets Japanese organizations from several sectors including manufacturing, infrastructure, international relations and heavy industry. Their main goal is to steal the intellectual property and corporate info and exploit various zero vulnerabilities.