Mitsubishi Heavy Network Most Likely Compromised by Spear-Phishing Attack

September 22, 2011
FedCyber Wire, Incidents
No Comment

via eWeek

Attackers most likely used spear-phishing techniques to compromise Japanese defense contractor Mitsubishi Heavy Industries last month, security researchers said. Spear phishing techniques are increasingly being used to steal sensitive information.

Mitsubishi Heavy Industries admitted Sept. 19 that 83 systems in over 10 locations had been infected with several types of malware, including data-stealing Trojans. Japanese media reported that another defense contractor based in Japan—IHI, which builds engine parts for fighter planes—has also seen a dramatic increase in the number of suspicious emails and malicious attachments hitting its servers.

There are many possible scenarios as to how Mitsubishi Heavy was infected. The possibilities include an infected computer connecting to the network, an employee’s log-in credentials being leaked, not having enough security measures and employees having access to data they didn’t need, according to Catalin Cosoi, head of the online threats lab at BitDefender. Employees giving away too much personal information about themselves online would have made them more vulnerable to phishing emails, said Cosoi.

Continued here.