Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

China denies role in hack of Japanese defense contractor

Charges that Chinese hackers attacked Mitsubishi are "groundless", says government spokesman

A Chinese government official today denied any involvement in the attack that compromised scores of servers belonging to Mitsubishi Heavy Industries, Japan's largest defense contractor.

According to press reports, Foreign Ministry spokesman Hong Lei dismissed suggestions that the attacks against Mitsubishi originated in China.

"The Chinese government has consistently opposed hacking attack activities. Relevant laws strictly prohibit this," Hong told reporters for Reuters, the Associated Press, and other outlets, during a regular press briefing Tuesday.

"Criticism that China initiated a cyberattack is not only groundless, it goes against development of international cooperation on cybersecurity," Hong said.

Hong's comments are nearly identical to those trotted out by the Chinese government whenever security experts speculate that attacks originate from the country.

The evidence of links to Chinese hackers are admittedly tenuous, relying on past accusations by others -- going back to the Aurora attacks that targeted Google and dozens of other Western corporations in late 2009 and early 2010 -- a proven history of hacking activity, and claims that Chinese-language scripts have been found in some of the malware that infected Mitsubishi's servers and PCs.

Yesterday, a U.S.-based spokesman for Mitsubishi confirmed that the company had uncovered a large-scale intrusion that had planted malware on 45 servers and an additional 38 individual PCs in several locations around Japan.

Servers at Mitsubishi's Kobe shipyards, where the company builds diesel-electric submarines and components for nuclear power plants; at the company's Nagasaki shipyards; and at its Nagoya plant, which designs and manufactures missile guidance systems, were among those compromised, the spokesman said.

The attacks were first detected in mid-August, said Mitsubishi, but the company did not go public until Japanese media revealed the intrusion. According to Japanese reports, the government was not informed by Mitsubishi of the attack before this weekend.

The spokesman declined to comment on the origin of the attacks.

Separately, however, Japan's National Police Agency (NPA) today circulated a warning of attacks against government websites based on chatter in Chinese forums.

Messages on those forums last week had called for cyber attacks on the 80th anniversary of the Sept. 18, 1931 "Mukden Incident," when the Japanese military staged an attack against a railroad in the Manchurian region of northern China. The incident was used as a pretext by Japan to invade and occupy Manchuria.

The NPA said that several Japanese government sites were targeted last week, and that the attacks made them difficult to access at times.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His e-mail address is gkeizer@computerworld.com.

See more articles by Gregg Keizer.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Apple, Google, Microsoft, Mitsubishi, Reuters, Topic
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Cybercrime and Hacking, Google, Malware and Vulnerabilities, Reuters, security
Latest Blog Posts
Whitepapers
  • Collaborative software delivery: Managing today’s complex environment to improve software quality
    IBM Rational Team Concert software can help simplify, automate and govern the delivery process. Based on the open standards Jazz platform, it offers a lean collaborative application life cycle management (ALM) solution with integrated planning, work-item tracking, version control, build management and reporting.
    Learn more »
  • Oracle x86 Rack Servers Optimized for Rapid Deployments and Operational Efficiency
    Business-critical and mission-critical workloads — demanding applications and databases — require stable and secure environments. When these types of workloads are deployed on x86 servers, the need to ensure business continuity, maximum uptime, and consistent processing means that IT managers and business unit managers are looking at enterprise x86 servers in a new way: They realize that the business depends on these servers and that x86 server platforms for the enterprise are no longer expendable, as they might have been when servers were dedicated to a single application — or when they were deployed as small Web servers that could be easily taken offline and replaced.
    Learn more »
  • NetScaler 2048-bit SSL performance advantage
    Citrix® NetScaler® provides advanced layer 4-7 traffic management and load balancing. Like other leading Application Delivery Controllers (ADCs), NetScaler can offload computationally expensive SSL processing responsibilities from web and application servers to speed the delivery of SSL-protected applications. Learn more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments