Tokyo, Japan – a new set of cyberattacks were discovered that targeted Japan, mainly the aerospace companies and industry, showed an intent to abuse software vulnerabilities before they get patched. The Chinese military is apparently involved in this attack, according to cybersecurity experts and authorities.
On Tuesday, Tokyo Police had referred an IT systems engineer to the prosecutors on suspicion of being involved in the cyberattack, which targeted JAXA, one of Japan’s space agency among other targets. The engineer who fled the country is a man in his 30s and is said to have a strong connection with the Communist Party of China, stated by Japanese authorities.
The threat actors seem to launch a zero-day attack on their targets in which unknown vulnerabilities and flaws can be exploited as starting point of the attack.
The hackers can analyze their target’s systems by conducting repeated attacks and then infecting malware to exfiltrate data and sensitive information.
More info on the suspect revealed that he worked previously on a Chinese state-owned telecom company. He is suspected to be involved in other cyberattacks between 2016 and 2018 that targetted around 200 companies and research institutions. It is also suspected of sharing server and other data with the Tick hacking group, which have ties to China’s security organizations.
The Tick hacking group was also involved in cyberattacks against Mitsubishi Electric and other Japanese companies, including NEC and Kobe Steel. Tick is an advanced hacker group that reportedly can develop its own malware and hacking tools. Their ability to find flaws and vulnerabilities on their target’s network infrastructure system is proven. Companies face the risk of successful cyber attacks getting past the security software and hardware undetected.
Former vice–minister for international affairs of the Ministry of Economic, Trade and Industry of Japan, Hisamitsu Arai, said that Tokyo lacks the sense of urgency to confront cyber threats. He also referenced that the military, police, and other security office work together to detect attackers’ moves in the US. The information is then disseminated to corporations and others to provide a warning. He also stated that Japan needs to set up a framework quickly so that the government and private sector can cooperate in preventing cyber-attacks. This will show that Japan is serious about cyber defence, he added.