Cybercriminals have breached the offices of multiple Japanese agencies by hacking into Fujitsu’s software-as-a-service (SaaS) platform and gaining access to its systems.
A number o confidential files belonging to multiple Japanese government entities were also stolen after attackers gained unauthorized access to projects that used ProjectWEB, Fujitsu stated.
Various agencies including the Ministry of Land, Infrastructure, Transport, and Tourism; the Ministry of Foreign Affairs; the Cabinet Secretariat; and the Narita Airport acknowledged that hackers were able to gain inside information via Fujitsu's information-sharing tool.
ProjectWEB is a software-as-a-service (SaaS) platform for enterprise collaboration and file platform that Fujitsu has operated since the mid-2000s, and which a number of agencies within the Japanese government currently use. Fujitsu's ProjectWEB enables companies and organizations to exchange information internally, with project managers and stakeholders, for example.
Japanese press reported Narita International Airport, located near Tokyo, was impacted as well since Fujitsu attackers managed to steal air traffic control data, flight schedules, and information on business operations. Japanese press reported that the attackers stole documents that contained more than 76,000 email addresses for employees and contractors for the Ministry of Land, Infrastructure, Transport, and Tourism. However, the local authorities did not confirm the reports in a press conference on Wednesday.
As a precautionary measure, Cabinet Secretariat's national cybersecurity center (NISC) issued multiple advisories alerting government agencies and critical infrastructure organizations using Fujitsu's tool to check for signs of unauthorized access and information leakage.
Fujitsu suspends ProjectWEB online portal
Fujitsu decided to shut down the ProjectWEB platform on Tuesday to investigate the ‘scope and cause’ of the breach ..
Support the originator by clicking the read the rest link below.
