Japanese parliament hit by cyber attack from China

China has been implicated in a cyber attack designed to hack the emails of Japanese parliament members, as news emerged that details on nuclear plants and war planes may have been stolen from a separate attack on Mitsubishi Heavy Industries.

Japanese newspaper The Asahi Shimbun reported on Tuesday that a server located in China was used for the attack on the Japanese Lower House. This led to an extraordinary meeting of a key subcommittee after it emerged that hackers had access to emails and documents belonging to the chamber's 480 legislators for at least one month.

A Lower House server and PCs were infected with the data-stealing Trojan after a member of the chamber opened a malicious email attachment in late July. However, the lawmaker in question failed to report the malware infection for around a month.

Lower House members have now been asked to change their passwords, although this happens as a rule every three months anyway, the report added.

The news comes as a separate Asahi Shimbun story on Monday reported that an attack on Mitsubishi Heavy Industries in July may have led to hackers stealing sensitive information on key defence equipment including nuclear plants and jet fighters.

The incident, uncovered by Trend Micro in September, was part of a large scale, co-ordinated and covert campaign of targeted attacks carried out in July against defence companies in Israel, India and the US.

The attacks typically started as a targeted email containing a malicious PDF attachment designed to exploit a vulnerability in Adobe Flash and Reader. Once infected, the user's machine called home to a command and control server, which downloaded a remote action Trojan to give hackers control over that machine.

Sources told the Asahi that an internal investigation revealed that sensitive information had been sent outside the company's network, despite Mitsubishi claiming to have taken the appropriate measures to protect the data.

Christophe Bianco, European general manager at vulnerability management firm Qualys, warned that the revelations raise serious security questions that should concern all organisations.

"If this information has indeed been lost it shows that, even for companies acting in sensitive markets where the level of security is normally at the top level, it is difficult for them to protect themselves," he said.

"This gives perspective on the challenge currently faced by other private sector organisations that interact with the general public."