A cyberattack on one of the Japanese tech giants could have caused a lot more damage than expected. Last year there was major cyberattack on Mitsubishi’s systems, which the tech giant has claimed to be part of “industrial spying”. According to sources, Mitsubishi Electric was working in coordination with Japan’s defense ministry on an advanced weapon system. The hackers belonged to Black tech and Tick Chinese hackers groups. They made their way into Japanese systems through communication systems affiliated to China. This exposes a lacuna in security vis-à-vis research and development in defense industry. India, which too has been jointly working with many private companies on myriads of defense related projects, should consider working on securing it’s ongoing projects.
Ostensibly, Japan’s defense ministry’s acquisition, technology and logistics agency (ATLA) had handed out certain specifications to defense companies like Mitsubishi electric for bidding of prototype missile production. The stolen information specifications are that of a hypersonic glide missile. Though the information was not confidential, yet it was classified and companies who received the specifications for bidding were asked that the information should be protected. Mitsubishi concluded in an internal investigation that the attack was made possible due to certain software defects of communication equipment, which were affiliated to companies in China.
China on myriads of occasions has been accused of industrial espionage and information warfare by many countries including America. While most of the countries are still working on defining a threshold when an industrial espionage can trigger violent reprisals, France already has made it’s policy on such interference clear. France has adopted Tallinn manual 2.0, and it says– digital interference in its internal or external affairs constitutes prohibited intervention if it is likely to affect the French political, economic or social system.
Tallinn Manual 2.0– is an influential guide to applying International laws to cyberspace, not many countries follow it.
In India, presently private sectors do not have much access into defense industry. Yet, on certain key projects like Pinaka multi barrel rocket launcher and C3I command and control software systems, DRDO (Defence Research and Development Organisation), an agency of Government of India, is working closely with private companies. In 2018, one of the DRDO’s scientists was honey trapped by Pakistan’s spy agency, ISI, the incident pointed out the chink in DRDO’s armour. Working with private companies is not the real issue here but vetting the use of equipment which may be based in China. Also, it’s about securing the systems at such defense R&D facilities.
Read more on cyberattacks—Can cyberattack lead to a war? Lessons from 2 cyber attacks