A high-speed, large-capacity communication network – which constitutes the information infrastructure of the Defense Ministry and the Self-Defense Forces (SDF) and interacts with SDF garrisons and bases – was cyberattacked, and the system of the Ground Self-Defense Force (GSDF) was hacked, ministry sources revealed on Nov. 27. Although no detailed records on the attack are available, it is highly possible that internal information of the GSDF has been leaked.
“The situation is critical and considerably serious,” said senior SDF officials. “We need to swiftly take preventive measures,” one of the officials emphasized.
The Defense Ministry has strengthened its firewall’s security posture by limiting connections to outside the ministry, but it is strongly suspected that the recent attack was an organized one involving a state or other entities, judging from the highly sophisticated methods employed. The ministry regarded the attack as serious and raised its cyberattack alert condition immediately after it detected the attack around September.
According to the sources, the Defense Information Infrastructure (DII), a communication network jointly used by the ministry and the SDF, was attacked. It seems that hackers gained unauthorized access to computers at the National Defense Academy and the National Defense Medical College. It is highly possible that they also accessed the GSDF system through these computers. After detecting the attack, the ministry temporarily banned the use of the Internet within the ministry and the SDF. Both the defense academy and the medical college are connected to a nationwide academic network, through which the intruders seem to have made the attack.
The DII is made up of two different networking systems, one connected to networks outside the Defense Ministry and the SDF, and the other connected only internally. The two systems are operated separately to prevent computer viruses from intruding. However, each computer terminal is connected to both systems by way of a switch, and the two systems were not perfectly separated from each other. The intruders are believed to have taken advantage of this vulnerability, the sources said. (Abridged)