Japanese automotive giant Kawasaki has announced that it recently discovered unauthorised connections from a number of overseas offices to its data centres in Japan that resulted in the leakage of data to unauthorised third parties.
In a press release published on Monday, Kawasaki said that the unauthorised connection from its overseas office in Thailand to a server in Japan was first discovered on 11th June during the course of an internal system audit. Further investigation into the incident unearthed other unauthorized accesses to servers in Japan from other overseas sites, such as those in Indonesia, the Philippines, and the United States.
The company said that all these unauthorised intrusions were blocked by early July and it immediately implemented enhanced network communication restrictions at all overseas and Japan offices, conducted a thorough security soundness inspection of approximately 26,000 terminals in Japan and Thailand networks as well as of approximately 3,000 terminals in overseas offices network where breaches possibly occurred.
“Because Kawasaki handles important sensitive information such as personal information and social infrastructure-related information, information security measures have been a top priority for the company. However, the unauthorised access in question had been carried out with advanced technology that did not leave a trace.
“To this end, since the confirmation of unauthorised access, Kawasaki special project team engaged with an independent external security specialist firm has been investigating and implementing countermeasures. Their investigation confirmed a possibility that information of unknown content may have been leaked to a third party.
“However, at the present time, we have found no evidence of leaking information including personal information to external parties. Customers who may have been affected by this unauthorised access are being contacted individually,” Kawasaki said.
“In addition to continuing to tighten monitoring and access control in communication networks between our overseas offices and domestic offices, the Cyber Security Group (established on November 1, 2020), which is under the direct control of the corporate president, will strengthen security measures, analyzing the latest unauthorised access methods, to prevent recurrence,” it added.
Kawasaki is not the only Japanese major that has been targeted in recent times by cyber criminals using sophisticated cyber tools and techniques. In January, Mitsubishi Electric said its computer network was breached by unnamed hackers in June last year and that the breach may have resulted in the leak of “personal information and corporate confidential information” to unauthorised entities.
According to Japanese media agency Nikkei, hackers who targeted Mitsubishi Electric’s network were possibly members of a Chinese hacker group known as Tick and in order to remove the evidence of their intrusion, they deleted all logs that could have been analyzed by the company to verify the leak of confidential information.
Nikkei added that the hackers stole up to 200MB of documents, some of which contained information on Japanese government agencies such as the Ministry of Defense, the Nuclear Regulatory Commission, and the Agency for Natural Resources and Energy. The documents also contained information on domestic and overseas companies such as electric power and telecommunications, JR / private railways, and major automobile companies.
According to the Associated Press, the Japanese government is investigating if the cyber attack on Mitsubishi Electric potentially compromised information related to a prototype supersonic gliding missile called HGV which is also being developed by the United States, Russia, and China.
“The ministry suspects the information might have been stolen from documents sent from several defense equipment makers as part of a bidding process for the project, Mitsubishi Electric did not win the bid,” AP said.