Data about defense personnel may have been leaked after a cyberattack in May compromised computers at a Tokyo hotel mainly used by Defense Ministry officials and Self-Defense Forces personnel, sources said Tuesday.
A computer at Hotel Grand Hill Ichigaya, run by the mutual aid society for ministry employees, began sending irregular transmissions after an employee opened an apparently infected email attachment that month, the sources said.
It is the first time authorities have acknowledged the penetration of a computer at a Defense Ministry-related organization. Figures show there are millions of attempts every year to hack government-related computers.
The hotel said there was no leak of confidential information as the ministry’s system is different from that of the hotel.
Staff have isolated all of the hotel’s computers from the Internet and are “investigating” whether information about guests was released.
Defense Minister Gen Nakatani told a news conference that the hotel’s computer system is not connected to those of the ministry and the mutual aid society. He emphasized that the breach “will not affect the Defense Ministry.”
According to the sources, the Defense Ministry notified the hotel June 11 of irregular transmissions having been made with an outer server.
It was found that one computer was infected with a virus after an employee opened an attached file received May 22 and titled “The announcement of a meeting,” the sources said.
Fumiaki Yamasaki, a cybersecurity expert and adjunct professor at the University of Aizu, said the Defense Ministry “needs to strengthen its crisis management,” and warned that if addresses, phone numbers and information on family members were leaked the data could be misused.
Figures from the National Center of Incident Readiness and Strategy for Cybersecurity show that approximately 5.08 million cyberattacks occurred against the government and related organizations in fiscal 2013.