On September 20, Japan’s top weapon’s manufacturer, Mitsubishi Heavy Industries (MIH), confirmed it was the victim of a cyber attack reportedly targeting sensitive data on advanced weaponry and nuclear power plants. After nearly a month of internal investigation, a media leak persuaded MIH to inform the Japanese government of the attack, which infected servers and desktop computers at multiple MIH facilities with at least eight different viruses. Although the Japanese government stated that the attack did not succeed in accessing any important information, the Japanese Ministry of Defense ordered Mitsubishi to have its security audited. A report in one Japanese newspaper said that a Chinese language script was detected in one of the viruses. However, it remains unclear where the attacks originated. One security company has revealed that MIH’s servers were connected to 14 overseas sites, including China, Hong Kong, the United States, and India.
Japanese investigators have said that they suspect that these attacks were perpetrated by the same Chinese hacking operations that succeeded in penetrating U.S. and military sites earlier this year. Back in June, Google, Inc. disclosed that unknown hackers had tried to steal the passwords of hundreds of Gmail account holders, including those of senior U.S. government officials and officials in several Asian countries. Google claims that it was able to trace the attack on its systems to central China. News of the attack on Google broke only weeks after the U.S. Department of Homeland Security disclosed a data theft at Lockheed Martin, where hackers broke into the Defense Department’s F-35 fighter program. The attack compromised a system of the advanced fighter jet that is responsible for diagnosing maintenance problems during flight. A spokesman for the Defense Department said that the impact on the Pentagon was “minimal” and that the department didn’t “expect any adverse effect.” Investigators of the Lockheed Martin attack traced the security breach “with a high level of certainty” to Chinese IP addresses and digital fingerprints.
The growing prominence and severity of global cyber attacks has prompted U.S. lawmakers to demand action from the Obama administration. At a hearing on October 4, Michigan Rep. Mike Rogers, who chairs the House Intelligence Committee, accused the Chinese government of engaging in a policy of cyber theft that has reached an “intolerable” level. Rogers said that the U.S. should establish international rules against stealing corporate secrets through cyber attacks. “I don’t believe that there is a precedent in history for such a massive and sustained intelligence effort by a government to blatantly steal commercial data and intellectual property,” he said.
The Obama administration’s release of its International Strategy on Cyberspace last May marked a divergence from former U.S. policy resisting international efforts to limit military use of cyberspace. The document states that the U.S. is committed to working with other nations to reduce threats to computer networks by “oppos[ing] those who would seek to disrupt networks and systems, dissuading and deterring malicious actors, and reserving the right to defend these vital national assets as necessary and appropriate.” Currently, cyber espionage is treated the same under international law as non-cyber espionage; it is legal. It will be interesting to see if and how the Obama administration reacts to Congressional pressure on this front.