Forwarded from: William Knowles <wkat_private> http://www.japantimes.co.jp/cgi-bin/getarticle.pl5?nn20020807a2.htm The Japan Times August 7, 2002 The Defense Agency opened an investigation Tuesday into a suspected case of blackmail involving data allegedly leaked through a subcontractor hired to help develop a 1.1 billion yen computer network for the Self-Defense Forces. The data, which includes plans of the system's design and more than 10,000 Internet Protocol addresses on the network used by the Ground Self-Defense Force and the Air Self-Defense Force, is believed to have been taken from a software firm subcontracted by Fujitsu Ltd., the developer of the system. In late June, three to four men contacted Fujitsu on several occasions to blackmail the company into buying back the data, the officials said. They did not specify a price. According to sources close to the case, one of the suspected blackmailers may be a former Self-Defense Force member who had belonged to a unit in western Japan. On one occasion, one of them claimed to be a "newphew" of a former Defense Agency chief, they said. After they reportedly threatened to sell the data elsewhere, Fujitsu contacted the agency, which confirmed the authenticity of the data. The IP addresses, which are used to designate each computer that can log onto the system, could give enemies a way to hack into the network. But Defense Agency officials said the theft poses little risk to national security. "Even knowing the IP addresses, it is not possible to enter the system. Identification numbers and passwords are needed," a high-ranking agency official said. "There should not be any problems with security, but just in case, we have decided to change the addresses." The Defense Agency's computer network links computers at more than 200 bases and military facilities across the country. It is used to exchange data on personnel changes and other information, the officials said, adding that there are no defense secrets and military information available on the network. The stolen data, which also included details on several networks used by the SDF, was apparently compiled by Fujitsu Ltd., the main developer of the network. The leak occurred when Fujitsu subcontracted some of the software development to another company, where the data was allegedly stolen before Fujitsu could deliver the system to the agency, the officials said. According to the sources, Fujitsu handed computer discs holding the stolen data to one of the subcontractor's employees. From there, it is believed to have fallen into unsafe hands, the sources said. The computer system was delivered to the Defense Agency late last year and began operating in the spring. Fujitsu officials said that overall, about 200 employees from 32 companies other than Fujitsu were involved in the project. On Tuesday, Fujitsu filed a criminal complaint with the Kanagawa Prefectural Police in the suspected blackmailing case. Meanwhile, Chief Cabinet Secretary Yasuo Fukuda told reporters the government is taking "all necessary measures" to deal with the case. Asked about Defense Agency chief Gen Nakatani's responsibility in the case, Fukuda said, "We have to know first to what extent the leaked data had to be confidential. It is way too early to discuss his responsibility." *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Aug 08 2002 - 03:46:17 PDT