Japan’s top weapons maker has confirmed it was the victim of a cyber attack reportedly targeting data on missiles, submarines and nuclear power plants.
Mitsubishi Heavy Industries (MHI) said viruses were found on more than 80 of its servers and computers last month.
The government said it was not aware of any leak of sensitive information.
But the defence ministry has demanded MHI carry out a full investigation. Officials were angered after learning of the breach from local media reports.
Speaking at a news conference on Tuesday, Japan’s defence minister Yasuo Ichikawa said the cyber attackers had not succeeded in accessing any important information but MHI would be instructed “to undertake a review of their information control systems”.
“The ministry will continue to monitor the problem and conduct investigations if necessary,” Mr Ichikawa added.
All government contractors are obliged to inform ministers promptly of any breach of sensitive or classified information.
The Ministry of Defence has said the delay in Mitsubishi Heavy Industries informing it of the cyber attack is “regrettable” – a bland term regularly deployed by Japanese bureaucrats to describe everything from near indifference to utter outrage.
But it is clear there is concern in Japan about security at the country’s biggest defence contractor.
Mitsubishi Heavy makes everything from warships to missiles. The giant company says it discovered the breach in mid- August, and informed the Japanese police at the end of the month.
But the defence ministry was not told until Monday afternoon, after reports had appeared in local media.
The key issue is just how serious the attack was – and whether any of Japan’s defence secrets have leaked.
Mitsubishi Heavy says the virus was confined to just 45 servers and 38 computer terminals – out of the many thousands it operates.
An ongoing internal investigation has found only network information, such as IP addresses, has been compromised.
“It’s up to the defence ministry to decide whether or not the information is important. That is not for Mitsubishi Heavy to decide. A report should have been made,” a defence ministry spokesman was earlier quoted by Reuters as saying.
The online attacks – which are believed to be the first of their kind against Japan’s defence industry – originated outside the company’s computer network, MHI said.
They have been described as spear phishing attacks – when hackers send highly customised and specifically targeted messages aimed at tricking people into visiting a fake webpage and giving away login details.
Neither the Japanese government nor MHI have said who may be responsible. A report in one Japanese newspaper said Chinese language script was detected in the attack against MHI.
But China rebuffed suggestions it could be behind the attacks.
“China is one of the main victims of hacking… Criticising China as being the source of hacking attacks not only is baseless, it is also not beneficial for promoting international co-operation for internet security,” foreign ministry spokesman Hong Lei said.
China has in the past been accused of carrying out online attacks on foreign government agencies and firms.
Beijing routinely denies that it is behind this kind of hacking but, says the BBC’s Defence Correspondent Jonathan Marcus, the US military is more and more concerned about China’s abilities in this field.
Fear of the “cyber-dragon” is driving forward a fundamental re-think of US policy which is coming more and more to regard computer hacking as a potential act of war, our correspondent adds.
MHI confirmed that 45 of its servers and 38 computers were infected by at least eight viruses.
The viruses targeted a shipyard in Nagasaki, where destroyers are built, and a facility in Kobe that manufactures submarines and parts for nuclear power stations, public broadcaster NHK reported.
A plant in Nagoya, where the company designs and builds guidance and propulsion systems for rockets and missiles, was also reportedly compromised.
MHI said it had consulted the Tokyo police department and was carrying out an investigation alongside security experts, which should be concluded by the end of the month.
A second defence contractor, IHI, which supplies engine parts for military aircraft, said it had also been targeted.
IHI said it had been receiving emails containing viruses for months, but its security systems had prevented infection.
There are also reports that Japanese government websites, including the cabinet office and a video distribution service, have been hit by distributed denial-of-service attacks.
A typical DDoS attack involves hundreds or thousands of computers, under the control of hackers, bombarding an organisation’s website with so many hits that it collapses.
Last month, a Japanese defence white paper urged better protection against cyber attacks after US defence contractors were hit by a spate of assaults.
One of the most high-profile cases involved Lockheed Martin – the world’s biggest aerospace company, which makes F-16, F-22 and F-35 fighter jets as well as warships.
Although the firm said none of its programmes were compromised in the attack in May, it prompted other defence contractors to assess their own security measures.