Threat Actors Breach Japan's Kobe Steel and Pasco in Latest Defense Industry Targeted Cyber Attacks

February has brought an onslaught of breach-related news from Japan. These latest disclosures follow those from Mitsubishi Electric and NEC, two of the largest players in the Japanese defense industry:

Kobe Steel and Pasco found some of their intracompany network terminals were infected with a computer virus, likely from unauthorized outside access in August 2016 and May 2018, respectively, according to the ministry.

Kobe Steel said a total of 250 files -- including information on the ministry, as well as personal data -- might have been leaked. The company has taken measures to beef up cybersecurity.

A Pasco official quoted a third party as saying the attacker may have links to China.

Kobe Steel has been a supplier of submarine parts for the Self-Defense Forces, while Pasco has provided the SDF with satellite data.

Is this a precursor of what is to be expected as Tokyo 2020 approaches?

South Carolina Water Company Cyber Attack, CEO "Fairly Certain" No Compromise Occurred

If the CEO is only "fairly certain" no corporate data has been compromised, there is a major problem. Approximately ten days have elapsed since the attack occurred, so there should be no uncertainty at this point:

The cyber-attack on Greenville Water triggered a payment system outage that began on Wednesday, January 22. Company spokesperson Emerald Clark said 500,000 customers were affected by the incident.

An investigation has been launched into the cyber-attack, the exact nature of which is yet to be revealed by Greenville Water. It's not yet known who targeted the water company or from where the attack was launched.

Greenville Water CEO David Bereskin said he was "fairly certain" that the utility's data had not been compromised as a result of the incident.

This sounds reassuring:

In the statement, Clark said that the incident "has not and will not impact or compromise the safety and delivery of water that is treated and maintained by our facilities."

When asked for comment on the cyber-attack by the Greenville News, Greenville County government affairs coordinator Bob Mihalic stated only that "Greenville County uses multiple methods of protecting data, hardware, and infrastructure from potential cyber-attacks."

The statement is mere obfuscation. It would be easy to state unequivocally that the operational network, where the industrial control systems and SCADA for the water treatment facility reside, is air-gapped and therefore not physically connected to the business network, a security best practice for sensitive, mission-critical networks. Since Bob Mihalic failed to mention this point, it makes me wonder if, in fact, the networks are connected and therefore lateral movement to the OT network is possible.

Lessons Learned from Losing $13,103.91 to Hackers

It is hard to admit, and potentially quite embarrassing, to have been tricked by attackers who end up stealing a not so insignificant amount of money. It can happen to anyone; even the current richest man on the planet can be successfully hacked. This well-written lessons-learned story from a Recode data privacy reporter outlines how even the most innocuous activity may be indicative of a much greater threat:

Because I didn’t take a few basic internet security precautions, hackers robbed me of $13,103.91 worth of cash and prizes from three of my accounts over the next six months. And while this doesn’t make me, your Recode data privacy reporter, look very smart, I’m sharing my story with you in the hope that it will help you avoid a similar fate.

The person who hacked my Grubhub account last March ordered a black fungus salad with celery, a five-spice-marinated beef entree, and 12 pork dumplings (with chives) for a total of $26.84. At first, it was annoying but didn’t seem like that big of a deal: I notified Grubhub about the fraudulent charge and got a refund. Then I changed my password, sent an angry text to the phone number on the food order, and went about my life, foolishly thinking that this was an isolated incident. It was not.

Five months later, I logged into my bank account to find a substantially smaller number in my savings account than I expected. Sure enough, $9,000 had been wired away two days previously. During the subsequent, frantic call to my bank, I looked at my checking account and saw that $4,000 had been wired away from there, too — a discovery I declared with a variety of curse words. The woman on the other end of the line had a pleasant Southern drawl, which made her promises that I would get the money back seem extra reassuring.

Being aware of the threat, paying attention to detail, and being cognizant of your online actions can go a long way in preventing a loss like this from occurring.