Here is a report out of London (AGI) about what quite a few of us expected if true; F-35 data has been stolen by Chinese hackers. Here is the story and link.
(AGI) London – Chinese spies hacked into computers of British Aerospace (BAE) stealing details about the US F35 fighter jet.
When pictures of China’s first stealth fighter jet (the J-20) were circulated in late 2010, analysts all over the world were impressed with the progress made by Beijing in terms of aeronautical technology. Today, the Sunday Times reported that Chinese hackers managed to infiltrate computers of Britain’s biggest defence company, British Aerospace, to steal details about the Pentagon’s latest stealth fighter jet, the F35, which is still at the development stage. . .
Actually it is suspected by my Sensei at Keio University G-SEC, Motohiro Tsuchiya, that the partially successful cyberattack on MHI last summer may have also have yielded up some missile defense and nuclear power plant data. As most readers will know, MHI is a key contractor in the U.S.-Japan SM3-Block-IIA development program. Here is the draft of a story I wrote for Space News last November that was killed…
BEGIN TEXT
PAUL KALLENDER-UMEZU, TOKYO
Highly sensitive military data related to a number of space, aerospace and other programs may have been netted by hackers in a cyber-attack on Japan’s largest military contractor, Mitsubishi Heavy Industries (MHI) this August, according to a senior cybersecurity expert here. The attack on MHI is just one part of a amid a wave of increasingly sophisticated assaults targeting top Japanese government institutions and corporations that is prompting a government effort to improve national security that have come to light in recent weeks.
MHI discovered viruses were at 11 locations across Japan, including plants that build missiles, jet fighters, the H-2A and H-2B launch vehicles, submarines and nuclear power reactors meaning that information stolen could include details of the SM-3 Block IIA advanced ballistic missile that is part of a joint research program between Japan and the U.S., according to Motohiro Tsuchiya, a professor at Keio University and member of the Information Security Policy Council, a top-level government cybersecurity advisory body here.
“Yes, it’s possible. The sponsors behind the attack will be trawling the data right now,” Tsuchiya said in a November 5 interview.
The attack came to light in September when it was revealed that 45 servers and 38 PCs had been infected by 8 or more types of viruses after employees had unwittingly opened e-mails containing malware. On October 25, in a statement, MHI conceded data had leaked out of the company’s network after a month saying there was no evidence of such a breach.
Hideo Ikuno, a spokesman for MHI declined, November 9, to comment on the issue, or local media reports that the company has up to 50 types of viruses in its systems.
The situation has angered Japan’s Ministry of Defense, which only found about the issue after the story was leaked to local media. Contractually the MOD should have been informed immediately of any security breach, said ministry spokesman Takaaki Ohno.
“It is very regrettable that MOD was not informed, and we lodged a protest to MHI. We reprimanded MHI severely over the cyber-attack incident, and MHI promised to promptly and steadily deal with an investigation and the prevention of recurrence,” Ohno said, November 9.
Over the past eight weeks Japan has been awash in revelations about cyber attacks on its leading companies and institutions.
IHI Corp. and Kawasaki Heavy Industries, both major space and military contractors here, have confirmed they had also been also been targeted in August in similar attacks to those on MHI. In late October, Chief Cabinet Secretary Osamu Fujimura revealed the Foreign Ministry and some Japanese embassies had been under attack since June. Local media also reported computers and a servers used by three members of Japan’s Lower House had been hacked and passwords and usernames of around 500 staff had been compromised.
Attacks on the MOD have been unsuccessful to date, Ohno said
Tsuchiya said the media reports only represent a tiny fraction of the waves of increasingly sophisticated and subtle attacks that began this January by suspected hackers in China when virus and Trojan laden e-mails sometimes revealing an astonishing ability to plausibly impersonate legitimate communications started hitting Japanese systems. The attacks on Japan followed earlier assaults on the U.S. Government on July 4, 2009 and then South Korea, with attacks on the Blue House and leading South Korea companies by mounted by suspected North Korean hackers, he said.
“The recent tactic has been attacking peripheral institutions with lower security and then getting in behind the lower barriers, for example by attacking think tanks. When this year started, everyone knew something was wrong,” Tsuchiya said.
Recent attacks are causing Japan to bolster its cybersecurity measures, not least the MOD. Ohno said at the Japan-U.S. Defense Ministerial Meeting on October 25, the ministers reaffirmed the significance of Japan-U.S. cyber strategy policy discussion, and decided to share information between defense authorities more closely.
“Information security is extremely important for the MOD that is in charge of this country’s security, and we intend to strengthen our response to cyber-attacks,” Ohno said.
The government will also launch framework that will share information on cyber attacks and discuss defenses among private and public sector participants, said Tsuchiya.
“MHI’s defenses should be very good but there are always holes and weaknesses and the real weakness with the targeted e-mail is the human link,” Tsuchiya said.
END TEXT