The Defence Information Infrastructure is a high-speed large-capacity communication network connecting SDF bases and camps. The Defence Information Infrastructure comprises two distinct networks, one connected to the Internet and an internal network.
The security breach took place in September but media have disclosed it only now, the South China Morning Post reported that the attack was confirmed by unnamed ministry officials on Sunday morning.
According to the SCMP hacker penetrated the Ground Self-Defence Force. The hackers first breached a network shared between Japan’s National Defence Academy and its National Defence Medical College, then with a later movement, they got access to the Defence Information Infrastructure network.
“The Japanese Defence Ministry and the Self-Defence Forces discovered in September that their shared communication network had suffered a cyberattack that enabled a hacker to penetrate the Ground Self-Defense Force’s computer system, ministry sources said on Sunday.” reported the South China Morning Post.
“Some information may have been leaked in the incident, with an organised attacker such as a nation state strongly suspected, but the full scope of the damage is not clear, the sources said.”
How is it possible?
Bloomberg quoted Kyodo news that citing ministry sources in an earlier report, explained the hackers took advantage of the fact that computers at Japan’s National Defense Academy and National Defense Medical College are connected both to a university network and to an internal network linking military bases.
The news was reported by Bloomberg who linked the attack to a nation-state actor due to the complexity of the attack and the nature of the target,
The South China Morning Post reports of a highly skilled attack that leads the ministry immediately raise the cybersecurity alert level in the country.
Masakazu Saito, a senior ministry official in charge of cyber security issues, did not comment the incident.
Bloomberg commenting the alleged attack states that report also cited senior military officials as saying the attack managed “as a crisis”. In response to the incident, staff at the ministry and the Self-Defense Forces were temporarily banned from connecting to the Internet.
“It is a very serious situation. We must quickly take measures to prevent a recurrence.” said a senior SDF official.
Cyber attacks against Japanese organizations are nothing new, below a short list of major hacking campaigns that targeted the country:
Bloomberg states that Japan’s Defense Ministry denied a military computer network had suffered a high-level cyber attack in September.
“A public affairs official at the ministry said the report wasn’t true, and that it receives numerous suspicious e-mails and other forms of contact believed to be cyber attacks on a daily basis. The official, who declined to be named in line with government policy, also said the ministry doesn’t comment on such attacks as that would expose its ability to deal with them.” reported Bloomberg.
(Security Affairs – Japan, Defence Information Infrastructure )