print PRINT

SECURITY > Cybersecurity

Editorial: Measures needed to prevent leak of defense data through cyber-attacks

  • February 20, 2020
  • , The Japan News , 1:57 p.m.
  • English Press

Cyber-attacks on Japanese defense-related companies are an issue that threatens national security.

 

A massive leak of information was revealed at Mitsubishi Electric Corp. in January. It is suspected that classified information on defense equipment was compromised at the company. At first, the company said, “There were no information leaks about defense or critical infrastructure.” But the leak was found in its investigation into the case after that.

 

It is said that Mitsubishi Electric converted documents provided by the Acquisition, Technology and Logistics Agency into electronic files without permission and stored them on a terminal that could be connected to the internet. This is nothing but an inappropriate treatment of documents.

 

Mitsubishi Electric was the third-largest defense-related company in Japan in terms of contract value with the Defense Ministry in fiscal 2018. The company lacks awareness that it was involved with important national information.

 

According to Mitsubishi Electric, 132 units of personal computers and other devices in Japan and abroad were suspected of having been illegally accessed . The infection spread from a Chinese base, and a group of hackers linked to China is suspected of being involved in the case.

 

Some computer terminals were manipulated so that there was no trace of cyber-attacks. This suggests that the scheme was extremely sophisticated.

 

NEC Corp. and Kobe Steel Ltd., both of which trade with the Defense Ministry, and major aerial survey firm Pasco Corp. were also attacked. At present, no leaks of defense-related information have been confirmed at these companies. But it would be serious if such information was targeted.

 

In many cases, defense equipment, such as radars for naval vessels, are jointly developed with the United States or other countries. If classified information is leaked from the domestic defense industry, Japan’s credibility would deteriorate. This could hamper Japan’s defense cooperation with the United States and other parties.

 

It is necessary to intensify preparations for protecting defense information from cyber-attacks.

 

Defense-related companies should constantly check whether security measures are functioning properly. They must put systems in place to deal with the increasing sophistication of attacks.

 

The ministry’s cyber defense units are responsible for defending the Self-Defense Forces’ command system and unit operations. It is necessary for the ministry to cooperate with the private sector so that the private sector can utilize this knowledge.

 

It is also important for the public and private sectors to establish a system to share information.

 

In its guidelines, the United States asks companies in the defense industry and others in charge of key infrastructure projects to report damage caused by cyber-attacks.

 

The Defense Ministry is also considering legally requiring companies to report the damage in cases of information leaks.

 

If companies that have been hit by cyber-attacks report promptly to relevant authorities and other companies take countermeasures based on the information, it would be possible to prevent the damage from spreading.

 

— This article appeared in the print version of The Yomiuri Shimbun on Feb. 20, 2020.

  • Ambassador
  • Ukraine
  • OPINION POLLS
  • COVID-19
  • Trending Japan