Japan has launched an investigation into the potential exposure of confidential missile data in the wake of a cyberattack on Mitsubishi Electric Corp. According to the Associated Press, the leak of information relating to a prototype, “cutting-edge” missile is suspected. The missile, a speed glider known as HGV, was documented in files Mitsubishi and other manufacturers held as part of a bidding process. It has been reported by local news outlets that Mitsubishi did not win the bid.
Mitsubishi Hack May Have Disclosed Prototype Missile Info https://t.co/mWYfKtMoww #news
— Information Warfare Center (@cyberintel) May 22, 2020
Zero-day vulnerability attacks like this one continue to be a popular attack vector for hackers. This underscores the need for users to keep all of their security-related software updated to prevent such attacks. It also highlights the rise in attacks like this by bad actors working for foreign governments, requiring increased vigilance by government contractors and companies in other sensitive industries.
The last thing an organisation wants to do is admit they were the subject of a data breach where intellectual property is exfiltrated from the network. In this case, the criminal attackers used a zero-day exploit to gain access to the systems and infrastructure.
With this type of attack, it\’s apparent that the criminals were looking for data and wanted to be quiet about it. Whether it\’s a coincidence that they did not win the bid is interesting, as the data theft could have been an espionage attack from a competitor or nation-state looking to gain an advantage.
Nevertheless, even with a large organisation with a robust cybersecurity program, there needs to be constant monitoring of endpoints, servers, and networks to analyse for attacks.