Japan foreign ministry says PC leaked docs to external server

[Erica Absetz <eabsetz () opensecurityfoundation org>]

http://www.csoonline.com/article/728343/japan-foreign-ministry-says-pc-leaked-docs-to-external-server

February 06, 2013 — IDG News Service — Japan's foreign ministry said
that a computer was compromised and documents were probably copied to
an external server.

The Ministry of Foreign Affairs said that about 20 documents are
feared to have been stolen, though none of them were confidential. The
ministry said it was made aware of the breach on Jan. 28 by Japan's
National Information Security Center, a government body. The incident
was described in a public posting dated Tuesday.

The leak occurred on a government network that doesn't handle highly
sensitive materials. The documents leaked were all rated at the
country's second-highest security clearance or lower, which the
ministry describes as documents that are not classified but "could
infringe the rights of the public or impede administrative affairs if
leaked."

The ministry said it immediately took measures to stop leaks to the
server in question and is working with outside specialists to
investigate the incident. It did not provide information on the
external server, as investigations are still going on.

Japanese government computers have long been the target of hackers,
with officials often claiming the attacks come from nearby China. The
government and national police have in recent years scrambled to
establish new agencies and publish user guidelines to make its
networks safer.

Last year, Japan's space agency said a virus may have stolen sensitive
information on a long-range rocket project, after a single employee's
computer was compromised. In the previous year, the Japan Aerospace
Exploration Agency, or JAXA, said images and emails were leaked in a
separate incident when a worker opened software sent in a targeted
mail.

The country's agriculture ministry has also been hit with attacks, as
has the Diet, the national parliament. Two years ago, both houses of
Japan's parliament were hacked via "Trojan Horse" software opened by
its members, possibly leaking names and passwords of politicians.

Domestically, national police have wrongly made arrests in pursuit of
a hacker that took over computers and used them to publicly post
threatening messages.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.