Japan’s Ministry of Defense (MoD) confirmed that it’s going to invest nearly ¥25.6 billion (approximately US$237.12 million) to develop AI-based security tools to defend cyberattacks. In addition, the MoD also dedicated ¥30 million (approximately US$277,711) to build a Cyber Information Gathering System, which gathers information on the tactics, techniques and procedures (TTPs) of cyberattacks on government and private entities in the country, expand the Cyber Defense Group from 220 to 290 personnel; and perform research on cybersecurity measures for network devices used by the Japanese military. The Cyber System is intended to detect malicious emails and respond to cyberattacks automatically through machine learning skills.
Industry experts opined that the Government of Japan started this initiative in the wake of a massive cyberattack on Mitsubishi Electric by a hacking group, named Tick, from China. It’s said that Tick was active for a long time and is known for stealing sensitive data from the defense, aerospace, chemical, and satellite industries in Japan and China.
After Mitsubishi disclosed the attack on January 20, 2020, the Japanese MoD announced that defense-related sensitive data may have been breached. Information related to bidding for contracts on defense equipment research, including evaluation criteria and required performances may have leaked in the incident. According to the MoD, Mitsubishi converted the Government’s paper documents into PDF files and kept them on its internal network, even though it was not permitted to do so.
In order to prevent such data breaches in the future, the Government has now initiated additional cybersecurity infrastructure to thwart security incidents from local and foreign threat actors.
Cyberattacks on Japan’s Defense Secrets
On January 31, 2020, NEC Corp., a Japanese IT and electronics company, accepted a data breach and stated that its network was penetrated and compromised to a cyberattack that occurred in December 2016. The attack was spotted in June 2017, following which all unauthorized communications were blocked by the IT teams. The encrypted communication information between the compromised server and the external exfiltration server was finally decrypted in July 2018 and it was found that the defense business division’s 27,445 files were accessed illegally.
Recently, Pasco Corp. and Kobe Steel, rendering services to the Japanese armed forces, disclosed a possible data breach that occurred in June 2015, followed by a second attempt in August 2016.