A Large-Scale Cyberattack on Mitsubishi Electric — The China-Linked Group “Tick” and the Risk of Defense and Infrastructure Information Leaks
Published on January 20, 2020.
This article introduces a news report found on Yahoo News concerning a large-scale cyberattack on Mitsubishi Electric. It describes unauthorized access to information related to government agencies such as the Ministry of Defense, the Ministry of the Environment, the Cabinet Office, the Nuclear Regulation Authority, and the Agency for Natural Resources and Energy, as well as companies in the electric power, telecommunications, railway, and automobile sectors, while pointing to the possible involvement of the China-linked cyberattack group “Tick.”
The following is an article from today that I have just found online on Yahoo News.
It has been learned that Mitsubishi Electric, a major general electronics manufacturer, suffered a large-scale cyberattack, and that information concerning public- and private-sector clients, including highly confidential defense-related information and information related to critical social infrastructure such as electric power and railways, may have been widely leaked. An internal investigation found that many computers and servers at the company’s headquarters and major bases had been subjected to unauthorized access.
Judging from the methods used in the unauthorized access, the company believes that the China-linked cyberattack group “Tick,” which mainly targets confidential defense-related information, may have been involved.
According to multiple sources and the company’s internal investigation, traces of unauthorized intrusion were found on at least more than 120 computers in Japan and overseas, as well as on more than 40 servers. The damage caused by the unauthorized access extends across the entire company.
In addition to the company’s own information, various information related to more than ten ministries, agencies, and government bodies, including the Ministry of Defense, the Ministry of the Environment, the Cabinet Office, the Nuclear Regulation Authority, and the Agency for Natural Resources and Energy, as well as at least several dozen private companies in Japan and overseas, mainly major companies in electric power, telecommunications, JR and private railways, and automobiles, was subjected to unauthorized access.
Part of that information may have been leaked outside the company.
The information included materials related to joint development and business negotiations with clients, product orders, materials for meetings attended by company executives, and information shared within research institutes. There is also concern that information concerning the performance of defense technology and critical social infrastructure may have been leaked.
In June of last year, a suspicious file was found on a server at a domestic research institute. Taking this as a trigger, the company proceeded with an internal investigation across the entire company, and unauthorized access was confirmed in most of its fourteen headquarters and business headquarters, including the Sales Headquarters and the Electronic Systems Group, as well as in part of the administrative division at headquarters.
The unauthorized access began at an affiliated company in China and spread to bases inside Japan.
Using hijacked accounts, the attackers entered the company’s internal network and continued unauthorized access by targeting the computers of middle-management personnel, who had broad authority to access confidential information. The information is believed to have been collected on terminals used for transmission and sent out in several batches, making it highly likely that it was leaked externally.
