Japanese electronics manufacturer Mitsubishi Electric recently confirmed that it was hit by a cyberattack in June 2019. The Tokyo-based firm released a notice detailing the data leak in the wake of two news stories published recently by Asahi Shimbun and Nikkei.
Who’s the Culprit?
The sources claimed that the Chinese hacking group tracked as Tick was likely behind the attack. It’s said that Tick has been active for a long time and is known for stealing sensitive data from the defense, aerospace, chemical, and satellite industries in Japan and China.
The unauthorized access began with compromising computer systems in Mitsubishi’s office located in China, and spread to Japan. The attackers used the compromised accounts to infiltrate into the company’s internal network and gained access to server systems that had sensitive information.
Massive Information Leak
According to the internal investigation, which began in September 2019, the security incident compromised the information of Mitsubishi’s public and private business partners, defense-related details, and data on critical social infrastructure like electricity and railways. It’s believed that intruders managed to access computers, servers, and company sites, including details on the company’s joint projects, negotiations, research documents, and data of government organizations like Defense Ministry, the Nuclear Regulation Authority, and the Agency for Natural Resources and Energy.
The government entities and businesses in Japan faced multiple security incidents in recent times.
Earlier this month, the authorities of the Tokyo 2020 Summer Olympics issued a warning about an ongoing phishing campaign. It’s said that the suspicious emails were designed to look like they’re coming from the Tokyo Organizing Committee of the Olympic and Paralympic Games 2020.
The authorities stated that the phishing emails redirect the recipients to fake websites or infect their computer systems with malware if opened. The international multi-sport event is scheduled between July 24 and August 9, 2020, in Tokyo.
“We have detected emails disguised to look like they are coming from a Tokyo 2020 staff member. Although the email may look official and legitimate, if you have no reason to receive such an email or if the content is questionable, you should not click on the link or open any attached files. It is highly likely that you would be directed to a phishing site or your computer would be exposed to a virus,” the authorities said in an official statement.