Japan has launched an investigation into the potential exposure of confidential missile data in the wake of a cyberattack on Mitsubishi Electric Corp.
According to the Associated Press, the leak of information relating to a prototype, "cutting-edge" missile is suspected.
The missile, a speed glider known as HGV, was documented in files Mitsubishi and other manufacturers held as part of a bidding process. It has been reported by local news outlets that Mitsubishi did not win the bid.
It is possible the missiles could have been deployed as a deterrent to Japan's more remote islands -- an area of contention considering China's increased military presence in the region.
Chief Cabinet Secretary Yoshihide Suga said that Japan's Defense Ministry is analyzing the "possible impact of the information leak on national security."
The cyberattack took place on June 28, 2019, but was only made public this year. The Japanese tech giant said approximately 200MB in files were stolen, but this was thought to primarily relate to members of staff.
Mitsubishi acknowledged the cyberattack and the potential theft of data belonging to roughly 8,000 individuals. In addition, the company informed the Defense Ministry of the potential exposure of sensitive information. The investigation is ongoing.
ZDNet previously learned that the intrusion was made possible through the use of a zero-day vulnerability in Trend Micro OfficeScan antivirus software. The vulnerability has since been patched.
A Chinese cyberespionage group known as Tick -- or Bronze Butler -- has been blamed for the attack.
While exploiting a zero-day vulnerability was potentially the key to pulling off this cyberattack, there are other methods that are far more common in security incidents today. According to Verizon's 2020 Data Breach Investigation Report, unsecured cloud storage, the use of stolen credentials, and phishing attacks are often the attack vectors involved in modern data breaches.
ZDNet has reached out to Mitsubishi with additional queries and will update when we hear back.
Previous and related coverage
- Trend Micro antivirus zero-day used in Mitsubishi Electric hack
- Mitsubishi Electric discloses security breach, China is main suspect
- EasyJet hack: 9 million customers hit and 2,000 credit cards exposed
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0