TOKYO—At least dozens of computers used at Japanese diplomatic offices in nine countries have been infected with viruses since this summer, it has been learned.
Many of the targeted computers were found to have been infected with a so-called backdoor virus, which allows a remote hacker to gain access and steal information. Cyberattacks against the Japanese Embassy in Seoul opened a route by which a large quantity of diplomatic information could have been sent to an outside server, according to sources.
The Foreign Ministry has launched an investigation to find out how much damage it suffered, suspecting the infection was caused by so-called spear attacks targeting the ministry’s confidential diplomatic information. The revelation came soon after the nation’s defense industry and political nerve center had come under cyberattacks. About 80 computers at Tokyo-based major defense contractor Mitsubishi Heavy Industries Ltd. were found last month to have been infected with viruses, leading the Metropolitan Police Department to investigate the case on suspicion that the unauthorized computer access law had been violated.
Earlier this week, state-supplied computers distributed to House of Representatives lawmakers for public business were found to be infected with viruses.
Now that confidential diplomatic information has also been found to have been at risk of being leaked outside, the government has an even greater need to work out countermeasures, observers said.
According to the sources, the nine countries where the affected Japanese diplomatic offices are located include, among others, Canada, China, France, Myanmar, the Netherlands, South Korea and the United States. The ministry’s investigation may reveal a greater number of affected offices and infected computers. The Japanese Embassy in Seoul realized this summer that computers and other devices used by its staff had been infected by viruses including the backdoor virus. It was found that a route had been created to allow internal information to be sent to the outside, according to the sources.
The computer virus in question provides a backdoor into a computer through which a hacker can secure remote access and obtain data to use or distribute outside. The virus is said to be often used in spear attacks, which target specific people or companies to steal information from them. The Foreign Ministry handles diplomatic secrets in a closed system and other kinds of information in an open one, but even the open system includes a network that only allows authorized accesses by users with passwords and IDs. However, this network was found to have been infected through the attacks, according to the sources.
An official at the ministry’s Information and Communication Division admitted that the ministry was exposed to many spear attacks in May and June, some of which resulted in virus infections of some computers.
“However, we responded appropriately every time we found a virus infection,” the official added. “As the Foreign Ministry is a likely target of cyberattacks, we have been cautious about security for our systems, particularly since the revelation of the MHI case.”
