At least eight viruses infected servers at Mitsubishi Heavy Industries, with nuclear plant data believed to be among the targets of a coordinated cyber attack, the company said.
Mitsubishi Heavy is a leading defense contractor in Japan and also provides a wide range of products and design services to the civilian nuclear industry. The viruses infected 45 servers and 38 individual computers and also put data on weapons systems at risk.
Japanese government officials said they are not aware of any sensitive information accessed during the attack. Nonetheless, the government demanded Mitsubishi Heavy conduct an investigation, which the company said will be complete by the end of the month.
The attack occurred in August, Mitsubishi Heavy reported. It originated outside the company’s computer network and may have revealed some Mitsubishi Heavy information, like IP addresses.
Nuclear plants and other security-sensitive institutions have become more focused on the risk of cyber attacks over the last decade.
In the U.S., the Nuclear Regulatory Commission (NRC) started requiring plants to address cyber threats as they enhanced security after Sept. 11, 2001. By 2005, the NRC endorsed a program developed by the Nuclear Energy Institute to help licensees establish cyber security programs. That work now encompasses digital instrumentation and controls and a range of other plant safety applications.
In 2009, the agency issued a new cyber security rule requiring all plants to submit their cyber security plans and timelines for NRC approval.