Infrastructure-related firms see jump in malware attacks

Kyodo

Companies and other organizations in the electricity, gas and three other infrastructure-related industries in Japan have seen an increase in malware-infected email designed for cyberattacks, the state-backed Information-Technology Promotion Agency said.

The agency logged 226 cyberattacks on the five industries between April and June, roughly equaling the figure for all of fiscal 2013 ended last March.

The agency says several groups have launched extensive and persistent attacks. Although it says the surge may be a one-off event, it has urged firms and other groups in infrastructure-related industries to improve security and provide information on suspicious messages.

The development comes as the government, alarmed by the risk such cyberattacks pose to the general public, is trying to develop countermeasures.

In fiscal 2012, the agency, part of the Ministry of Economy, Trade and Industry, began analyzing suspicious email sent to firms and groups in five industries: electricity, gas, chemicals, oil and critical infrastructure equipment manufacturers.

The number of messages determined to be “targeted email attacks” came to 201 in fiscal 2012 and 233 in fiscal 2013.

A targeted email attack is the act of sending email containing malware to people inside specific government agencies or companies to infect their computers with viruses to stage a cyberattack.

Employees’ identities and passwords may be stolen by the viruses. If attackers find their way into the computer network of an organization, there is a danger they could gain control of Japanese infrastructure, experts say.

The email was sent not only from within Japan, but also from the United States, Hong Kong, South Korea and China, according to the agency. Once PCs were infected, they engaged in unauthorized communication with terminals in such countries.

The agency does not know whether the firms and organizations suffered damage, because they usually don’t report to the agency whether systems were infected by malware.