A number of Japanese government agencies suffered the theft of internal data and emails after unknown hackers successfully hacked into the ProjectWEB collaboration and project management software developed by Fujitsu.
According to Threatpost, ProjectWEB is a “a cloud-based enterprise collaboration and file-sharing platform that Fujitsu has operated since the mid-2000s, and which a number of agencies within the Japan government currently use.” The SaaS platform is used by several Japanese government agencies such as the Ministry of Land, Transport, and Tourism and the Cabinet Secretariat.
Earlier this week, Japanese public broadcaster NHK reported that the Ministry of Land, Infrastructure and Transport Ministry suffered the theft of at least 76,000 email addresses of its employees and business partners soon after hackers broke into Fujitsu’s ProjectWEB software at Narita Airport east of Tokyo.
The hackers also reportedly accessed data on air traffic control as well as data belonging to the Cabinet Secretariat. “Fujitsu can confirm unauthorised access to ProjectWEB, a collaboration and project management software, used for Japanese-based projects. Fujitsu is currently conducting a thorough review of this incident, and we are in close consultation with the Japanese authorities,” the company said.
“As a precautionary measure, we have suspended use of this tool, and we have informed any potentially impacted customers.”
According to Ilia Kolochenko, founder of ImmuniWeb, Fujitsu’s incident resembles the SolarWinds one in the US and will probably have similar consequences including enhanced cybersecurity regulations, comprehensive due diligence of governmental contractors akin to the DoD’s CMMC in the US, and likely additional funding for national cybersecurity.
“Surging supply chain attacks of national amplitude and multi-billion losses will probably trigger similar consequences around the globe. Spending more, however, does not mean spending wiser. Legislators and regulators should thus consider a consistent, holistic, multistakeholder and long-term oriented cybersecurity strategy as a key factor for regulated organizations to prevent cyber attacks and reduce data breaches.”
Speaking on how hackers could have gained access to the ProjectWEB software, Brooks Wallace, VP EMEA at Deep Instinct, says that a common problem with information sharing tools is the fact that many of them were built with the positive intent for collaboration. To be able to share information across an organsiation through one tool allows employees and the like to make decisions that are driven by data and do so in a timely manner.
“However, many of these tools were designed without security in mind which means they have an extensive number of vulnerabilities that could be exploited at any moment. As more information is uploaded, and more people are allowed to have access to the tool, the attack surface grows, and therefore there is a higher the chance that the tool can be breached by a threat actor and data can be accessed.
“While we don’t yet know whether these actors gained unauthorised access due to a vulnerability or a targeted supply chain attack, the fact of the matter is, they did gain access. Organisations as large as Fujitsu need to understand that, to cyber criminals, they are seen as the ultimate trophy to be won- to obtain the information of 76,000 e-mail addresses will give the attackers of this breach a significant reputation and major kudos in the hacker community,” Wallace adds.