Email
Password
Remember meForgot password?
    Log in with Twitter

article imageMitsubishi Electric confirms major data breach Special

By Tim Sandle     Jan 21, 2020 in Technology
Mitsubishi Electric released a statement today confirming that the company was hit by a data breach dating back to late June last year. It’s speculated that the cyberattack is linked to a Chinese cyber-espionage group, Tick (or Bronze Butler).
The data breach is of global importance, not least because Mitsubishi Electric manufactures defense equipment including torpedoes, missile launching platforms, fighter planes, and guided weapon systems, for Japan and export. The hackers stole sensitive data from the company's internal network, as ZDNet reports.
The hacker group Tick is well-known for targeting Japan over the past few years. The unauthorized access was tracked to a compromised employee account. Hackers were also able swipe 200 MB of files by accessing Mitsubishi Electric's internal systems and networks.
To learn more about the background to the attack, Digital Journal caught up with Ben Goodman, CISSP and SVP of global business and corporate development at ForgeRock.
According to Goodman, the method of the attack is a common one: “Unauthorized access is one of the most frequent cyberattack methods, encompassing 34 percent of all attacks, which is what happened to Mitsubishi Electric when malicious actors were able to steal 200 MB worth of files from the manufacturing giant’s internal systems."
Looking at the specific attack, Goodman notes the seriousness of the issue: "While the type of data breached is unclear, knowing that Mitsubishi Electric is a top contractor for Japan’s military and infrastructure, this breach is especially concerning."
Turning his attention to businesses in general, Goodman next looks at the implications for businesses: "Enterprises and organizations that regularly handle sensitive and confidential data must understand the serious risks associated with a breach of that information and leverage Zero Trust security strategies, where organizations ‘never trust, but always verify’ entities outside and inside their network."
In terms of preventative actions, Goodman recommends: "By employing modern identity and access management (IAM) tools that can prescribe contextual and continuous security, detect abnormal behavior and validate identity by prompting two-factor authentication (2FA) or multi-factor authentication (MFA), organizations can put extra layers between cybercriminals and their sensitive data.”
More about Mitsubishi Electric, Cybersecurity, Cyberattack, Data breach
 
Latest News
Top News