Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Showing posts with label Aflac Japan. Show all posts

Hackers Target Industries in Japan, Attacks Share One Pattern


Four big Japan cyberattacks point to a common trend: threat actors are getting access via third-party infrastructure and subsidiaries, not from corporate headquarters. 

While the attacks impacted companies from varying industries such as telecommunications, manufacturing, insurance, and brewing, the breaches have one same characteristic.

Attacks share same patterns

Instead of directly disrupting corporate headquarters, hackers gained access via third-party infrastructure, subsidiaries, and overseas operations. 

The impacted organizations are Nidec, KDDI, Aflac Japan, and Sapporo Holdings. While the attacks involved different contexts, the incidents hint towards an increasing attack surface that expands well beyond a company’s primary network.

About KDDI incident 

KDDI, a telecommunications provider, reported illegal access to an email platform used by various Japanese internet service providers.

KDDI reported the incident surfaced from a bug in third-party software, revealing around 14.22 million email account records throughout six ISPs.

The attack shows how a single bug inside shared infrastructure can impact various organizations continuously.

Aflac Japan incident

On June 30, Aflac Japan revealed that between June 15 and June 25, hackers gained access to its Japanese operations. The company claims that some 4.38 million clients and agents were impacted, and a portion of the documents included bank account details used to pay insurance premiums.

According to the insurance, the incident only affected its company in Japan and had no bearing on its operations in the United States.

The alleged tactics are similar to social engineering strategies previously linked to Scattered Spider, even though the business has not linked the attack to any particular threat organization.

Sapporo Holdings and Nidec incident

Sapporo Holdings revealed possible illegal access involving two foreign subsidiaries, Canadian brewer Sleeman and Singapore-based Pokka. After identifying suspicious activity, the company shut down the impacted systems and started an investigation to find out if any data had been taken or accessed.

Nidec, a manufacturing company, has revealed that its Taiwanese subsidiary, Nidec Chaun Choung Technology, was the subject of a ransomware attack.

More than two gigabytes of firm data, including personnel, financial, procurement, manufacturing, legal, and IT information, were allegedly taken by the BlackField ransomware organization, which claimed responsibility for the attack. A $2 million ransom was allegedly demanded by the organization.