China denies role in hack of Japanese defense contractor
Charges that Chinese hackers attacked Mitsubishi are 'groundless,' says government spokesman
Computerworld - A Chinese government official today denied any involvement in the attack that compromised scores of servers belonging to Mitsubishi Heavy Industries, Japan's largest defense contractor.
According to press reports, Foreign Ministry spokesman Hong Lei dismissed suggestions that the attacks against Mitsubishi originated in China.
"The Chinese government has consistently opposed hacking attack activities. Relevant laws strictly prohibit this," Hong told reporters for Reuters, the Associated Press, and other outlets, during a regular press briefing Tuesday.
"Criticism that China initiated a cyberattack is not only groundless, it goes against development of international cooperation on cybersecurity," Hong said.
Hong's comments are nearly identical to those trotted out by the Chinese government whenever security experts speculate that attacks originate from the country.
The evidence of links to Chinese hackers are admittedly tenuous, relying on past accusations by others -- going back to the Aurora attacks that targeted Google and dozens of other Western corporations in late 2009 and early 2010 -- a proven history of hacking activity, and claims that Chinese-language scripts have been found in some of the malware that infected Mitsubishi's servers and PCs.
Yesterday, a U.S.-based spokesman for Mitsubishi confirmed that the company had uncovered a large-scale intrusion that had planted malware on 45 servers and an additional 38 individual PCs in several locations around Japan.
Servers at Mitsubishi's Kobe shipyards, where the company builds diesel-electric submarines and components for nuclear power plants; at the company's Nagasaki shipyards; and at its Nagoya plant, which designs and manufactures missile guidance systems, were among those compromised, the spokesman said.
The attacks were first detected in mid-August, said Mitsubishi, but the company did not go public until Japanese media revealed the intrusion. According to Japanese reports, the government was not informed by Mitsubishi of the attack before this weekend.
The spokesman declined to comment on the origin of the attacks.
Separately, however, Japan's National Police Agency (NPA) today circulated a warning of attacks against government websites based on chatter in Chinese forums.
Messages on those forums last week had called for cyber attacks on the 80th anniversary of the Sept. 18, 1931 "Mukden Incident," when the Japanese military staged an attack against a railroad in the Manchurian region of northern China. The incident was used as a pretext by Japan to invade and occupy Manchuria.
The NPA said that several Japanese government sites were targeted last week, and that the attacks made them difficult to access at times.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
- Syrian Electronic Army shanghais Microsoft's Twitter account, blog
- Is French outrage against U.S. spying misplaced?
- Lawmakers seek answers on Obamacare Data Hub security
- China-based hacking group behind hundreds of attacks on U.S. companies
- How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
- New York Times site outage caused by attack on domain registrar, company says
- Cyber drills like Quantum Dawn 2 vital to security in financial sector
- Quantum Dawn 2 will test Wall Street's cyber readiness
- Pentagon accuses China of cyberattacks on U.S military, business targets
- Spamhaus attacks expose huge open DNS server dangers
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts