Japan is joining the U.S. in cracking down on cyber-attacks, after hackers threatened the country’s national security by breaching Japanese military contractor Mitsubishi Heavy.
The country’s defense minister demanded an investigation into Mitsubishi Heavy for failing to report its August security breach until September 19. The company will face fines if the probe discovers hackers stole sensitive data, which Mitsubishi Heavy so far says is not the case.
Japan joins other governments like the U.S., whose military contractor Lockheed Martin was hacked this spring along with the Pentagon, in seeking to prevent further serious breaches against its defense networks.
“For every country, these kinds of intrusions have the potential for long-term negative impact and must be taken seriously,” said Karen Kelley, a spokeswoman for the American Embassy in Tokyo. “This is why cybersecurity must be a public sector priority in close collaboration with the private sector.”
Japan may have additional reasons to heighten security, as the Nikkei business daily reports another military contractor, IHI Corp, told police its employees were receiving suspicious emails, which may be evidence of a second breach.
Japan may need to adopt a similar policy to the U.S.’ pending SAFE Data Act, created following Sony’s breach, which requires companies secure their information and immediately publicize all breaches.
Representative Mary Bono-Mack (R., Calif.) spearheaded this act and also demanded answers on hacking Operation Shady RAT, which clandestinely collected sensitive information from the U.S. and other countries over five years.
Japan may also adopt a similarly proactive approach, especially with government defense contractors involved.
In Mitsubishi Heavy’s case, however, Japan may have difficulty investigating the attack. An independent computer security company determined the hacks originated in 14 overseas sites, including 20 servers in China, as well as Hong Kong, the U.S. and India.
China’s government denies any involvement in the attacks but the incident raises questions as analysts already suspect the country’s officials of sanctioning the Shady RAT and Gmail spear phishing attacks.
Japan’s first major security breach is a wake-up call for the country to strengthen its defenses against hacks, no matter their origin. Mitsubishi Heavy’s investigation is set to end at the beginning of October.