‘Backdoor’ virus found at Japanese missions in Canada, 8 other countries

November 1, 2011 01:04 Leave a Comment

Yomiuri Shimbun October 26, 2011

http://www.montrealgazette.com/news/Backdoor+virus+found+Japanese+missions+Canada+other+countries/5610161/story.html

Policemen stand guard in front of the Japanese embassy in Seoul on October 18, during a visit by Japanese Prime Minister Yoshihiko Noda. The Seoul embassy was among nine Japanese missions hit by a backdoor computer virus since the summer, it was learned Wednesday.
Photograph by: Jung Yeon-Je, AFP/Getty Images

TOKYO — At least dozens of computers used at Japanese diplomatic offices in nine countries have been infected with viruses since this summer, it has been learned.

Many of the targeted computers were found to have been infected with a so-called backdoor virus, which allows a remote hacker to gain access and steal information. Cyber-attacks against the Japanese Embassy in Seoul opened a route by which a large quantity of diplomatic information could have been sent to an outside server, according to sources.

The Foreign Ministry has launched an investigation to find out how much damage it suffered, suspecting the infection was caused by so-called spear attacks targeting the ministry’s confidential diplomatic information.

The revelation came soon after the nation’s defense industry and political nerve centre had come under cyber-attacks. About 80 computers at Tokyo-based major defense contractor Mitsubishi Heavy Industries, Ltd. were found last month to have been infected with viruses, leading the Metropolitan Police Department to investigate the case on suspicion that the Unauthorized Computer Access Law had been violated.

Earlier this week, state-supplied computers distributed to House of Representatives lawmakers for public business were found to be infected with viruses.

Now that confidential diplomatic information has also been found to have been at risk of being leaked outside, the government has an even greater need to work out countermeasures, observers said.

According to the sources, the nine countries where the affected Japanese diplomatic offices are located include Canada, China, France, Myanmar, the Netherlands, South Korea and the United States. The ministry’s investigation may reveal a greater number of affected offices and infected computers.

The Japanese Embassy in Seoul realized this summer that computers and other devices used by its staff had been infected by viruses including the backdoor virus. It was found that a route had been created to allow internal information to be sent to the outside, according to the sources.

The computer virus in question provides a backdoor into a computer through which a hacker can secure remote access and obtain data to use or distribute outside. The virus is said to be often used in spear attacks, which target specific people or companies to steal information from them.

The Foreign Ministry handles diplomatic secrets in a closed system and other kinds of information in an open one, but even the open system includes a network that only allows authorized accesses by users with passwords and IDs. However, this network was found to have been infected through the attacks, according to the sources.

An official at the ministry’s Information and Communication Division admitted that the ministry was exposed to many spear attacks in May and June, some of which resulted in virus infections of some computers.

“However, we responded appropriately every time we found a virus infection,” the official added. “As the Foreign Ministry is a likely target of cyber-attacks, we have been cautious about security for our systems, particularly since the revelation of the MHI case.”

No confidential information has been leaked due to recent cyber-attacks against the Foreign Ministry, Chief Cabinet Secretary Osamu Fujimura said Wednesday.

Computers at the ministry’s headquarters in Tokyo and its overseas offices “have been receiving many targeted e-mail attacks since June” in an apparent attempt to steal diplomatic secrets, Fujimura told a press conference.

“The Foreign Ministry handles confidential information in a closed local area network,” he added, which is designed to prevent unauthorized access from the outside. “Therefore, no confidential information has been leaked (through these attacks).”

Share

Related posts:

  1. Stuxnet-based cyber espionage virus targets European firms
  2. Japan defence firm Mitsubishi Heavy in cyber attack
  3. Exclusive: Computer Virus Hits U.S. Drone Fleet
  4. Protesters storm 3 of Syria’s diplomatic missions in Germany, Switzerland
  5. Drug firms using backdoor tactics to boost sales, report reveals
  6. Chronic Fatigue Not Tied to Mouse Virus in Repudiation of Earlier Findings
  7. Scientists discover virus that kills all grades of breast cancer ‘within seven days’
  8. Japan contractor hacking likely got military data: Asahi
  9. More poisons vaccines on the way labelled against Cancer viruses
  10. ‘New’ Virus Catches CDC’s Eye
  11. Your credit card details on sale for just 70p: Cyber crime is reaching a ‘disturbing level’
  12. Japanese factory output and household spending fall
  13. Japanese Dump Real Funds at Fastest Pace Since Earthquake: Brazil Credit
  14. Whale Hunts going ahead by Japanese
  15. Japanese political power-broker Ozawa goes on trial
  16. Japanese Stock Futures Decline as IMF Cuts Global Economic Growth Outlook
  17. JAPANESE EARTHQUAKE THE STUXNET NUCLEAR WAR & THE SUSPECTS BEHIND IT [Video]
  18. JAPANESE EARTHQUAKE 2011 WHO’S REALLY BEHIND IT?
  19. You won’t get many animals in there: Japanese invent miniature version of Noah’s Ark built to withstand earthquakes and tsunamis
  20. Hidenari

Leave a Reply