Nippon Telegraph & Telephone (NTT) hacked: Japan defense, client & employees data leaked

A new hacking incident has hit the Japanese government. According to logical security specialists, a cyberattack was recently detected against NTT Communications Corp, affiliated with Nippon Telegraph and Telephone Corp, so communication networks employed by the Japan Self-Defense Forces could have been exposed.  

The Ministry of Defense has ordered an investigation in collaboration with the affected company; an anonymous source close to the incident mentions that potential leaks could negatively and unexpectedly affect the operations of the Japanese central defense system.

According to logical security specialists, possible leaks are related to information about the communications equipment and the design of a Maritime Self-Defense Force facility in Yokosuka, south of Tokyo, as well as that of communication lines at approximately 10 Self-Defense Forces locations.

Those responsible for the incident reportedly accessed more than 100 files without authorization, according to the informant. All data was linked to the businesses that NTT Communications has agreed with the Ministry of Defense. While the information compromised is not considered “confidential”, the Ministry notes that there is a possibility that this data may be used to compromise Defense networks

A few days ago, NTT Communications said that information about 621 of its customers could have been leaked due to newly detected unauthorized access on their networks. Logical security experts mention that the company reserved the right to disclose the name of the companies concerned, as the investigation is active. The company also did not refer to potential army leaks.

The anonymous informant also claims, on May 7, NTT decided to suspend its communications with the outside world after detecting anomalous activity on its servers. A few days later, the company’s IT team revealed potential leaks. In an internal security report, the company mentioned the detection of various unauthorized access to information related to the Ministry of Defense from 4 to 5 May; this activity was carried out through a server located in Singapore. NTT Communications reported the incident to the ministry on 13 May, but said the chances of confidential information being leaked are limited.

According to the International Institute of Cyber Security (IICS), this is the latest case of cyberattack against Japanese companies serving defense services. On past occasions, hacker groups have compromised the IT infrastructure of companies such as Mitsubishi, NEC Corp, Kobee Steel, among others. These incidents have exposed sensitive information, such as blueprints on new military developments, infrastructure details, and more classified information.