Japanese Kawasaki Heavy Industries discloses security breach

Japanese giant Kawasaki Heavy Industries discovered unauthorized access to a Japanese company server from multiple overseas offices.

Kawasaki Heavy Industries disclosed a security breach, the company discovered unauthorized access to a Japanese company server from multiple overseas offices. Information from its overseas offices might have been stolen as a result of a security breach that took place earlier this year.

Kawasaki Heavy Industries Ltd. is a Japanese public multinational corporation primarily known as a manufacturer of motorcycles, engines, heavy equipment, aerospace and defense equipment, rolling stock and ships. It is also active in the production of industrial robots, gas turbines, boilers, and other industrial products.

Japan’s Kawasaki Heavy Industries announced a security breach and potential data leak after unauthorized access to a Japanese company server from multiple overseas offices.

“On June 11, 2020, an internal system audit revealed a connection to a server in Japan from an overseas office (Thailand) that should not have occurred. Within the same day, communication between the overseas office and our Japan office was fully terminated considering as a case of unauthorized access.” reads the statement published by the company. “However, other unauthorized accesses to servers in Japan from other overseas sites (Indonesia, the Philippines, and the United States) were subsequently discovered.”

Kawasaki discovered the incident during an internal audit, its IT staff noticed “a connection to a server in Japan from an overseas office (Thailand) that should not have occurred.”

“Kawasaki Heavy Industries, Ltd. announced that it was subject to unauthorized access from outside the company. As a result of a thorough investigation, the company has discovered that some information from overseas offices may have been leaked to external parties,” continues the statement.

“At this time, the company has found no evidence of leaking information to the external network.”

The Japanese firm announced to have enhanced monitoring operations to access from overseas offices, it also restricted access to its Japanese servers from abroad.

Kawasaki Heavy Industries conducted a security audit of approximately 26,000 terminals in Japan and Thailand network and in early October the company announced the inspection of approximately 3,000 terminals in overseas offices network (excluding Thailand) that were potentially impacted by the security incident.

On November 30, the company restored the network communication terminated between overseas offices and the Japan headquarter.

Kawasaki confirms that no unauthorized connections were made to the Japanese servers after August, it also pointed out that the attack was sophisticated and used advanced technology to avoid detection.

“the unauthorized access in question had been carried out with advanced technology that did not leave a trace.“

“To this end, since the confirmation of unauthorized access, Kawasaki special project team engaged with an independent external security specialist firm has been investigating and implementing countermeasures. Their investigation confirmed a possibility that information of unknown content may have been leaked to a third party. However, at the present time, we have found no evidence of leaking information including personal information to external parties.”

Other prominent Japanese companies were hit by cyber attacks this year, including defense contractors Pasco and Kobe Steel and Mitsubishi Electric.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Kawasaki)

[adrotate banner=”5″]

[adrotate banner=”13″]