Security news, analysis, expert opinions on cybersecurity and technology

Mitsubishi companies hit by cyber attack, ransomware

Mitsubishi Electric and sister companies such as Mitsubishi Polycrystalline have been hit by cyberattacks, including ransomware

Ax Sharma November 21, 2020 2 min read

This month, multiple subsidiary companies of the Japanese motor giant Mitsubishi have been hit by a series of cyberattacks.

Mitsubishi Electric has been reportedly hit by a data breach, whereas Dopple ransomware ops claim they had stricken the systems of Mitsubishi Polycrystalline Silicon America Corporation this month.

Mitsubishi Electric hit by another data breach

Mitsubishi Electric has fallen victim to a cyberattack a second time since January this year, according to a report.

Yesterday, the company’s executives said they were verifying details of 8,653 accounts involved in business transactions to assess the impact of the breach, and if sensitive banking information was leaked.

In the January attack, “highly confidential information” from public sectors including defense, railways, and electric power supply had been reportedly stolen.

Mitsubishi Polycrystalline plant allegedly hit by ransomware

As observed by Security Report, the leak site of Dopple ransomware ops lists a small number of files that appear to belong to a Mitsubishi Polycrystalline production facility in Alabama.

An invoice leaked by Dopple ransomware ops
Source: Security Report

Dopple operators leaked a total of 5 documents on November 5, 2020, indicating the breach had occurred on or before this date.

The latest timestamp present on one of the leaked employee timesheets is September 28, 2020.

However, based on the small number of leaked documents with limited information as seen by Security Report, it appears the cyberattack was limited to a single facility, maybe even an isolated workstation.

At this time, not much information is available as to what steps Mitsubishi companies have taken to prevent future breaches like these.

The repeated attacks on Mitsubishi companies seem to be work of skilled threat actors, given Mitsubishi plays a major role in powering Japan’s national security systems and infrastructure.

About the author

Ax Sharma

Ax Sharma is an Indian-origin British security researcher, journalist and TV subject matter expert with a focus on malware analysis and cybercrime investigations. His areas of interest include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, The Register, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).

See author's posts