Defense Contractor, Japan Aviation Electronics, Falls Victim to a Cyber Attack

By Sarah Braithwaite on December 8, 2023

Executive Summary:

 

Japan Aviation Electronics (JAE), a prominent aerospace and electronics manufacturer and defense contractor, has recently become the target of a cyber-attack. The attack, which was distributed by ransomware group ALPHV/BlackCat, was confirmed by JAE after the company was made aware of a listing on the dark web used by ransomware groups to showcase their victims. The attackers left minimal details into the breach, leaving uncertainties about the tactics that were used to gain access into systems. JAE provided a statement revealing that an external party had gained access to the company’s systems and will be investigating the damage. JAE suspended their own website and certain systems, which caused a delay in communication and production. This incident has added heightened concern about cyber threats against critical infrastructures in Japan, as it is one of many cyber incidents affecting the country in the recent months. Seiko, Casio, YKK, Eisai and other notable companies have fallen victim to cyberattacks or ransomware incidents in recent months (Greig, 2023). Millions of Japanese customers of insurance firms Zurich and Aflac were also affected by a breach earlier in the year.

 

Figure 1: JAE’s statement on unauthorized access. Source: JAE.com

Background:

JAE is a crucial player in the technology industry, specializing in the manufacturing and sale of interface solution equipment, connectors, auto flight systems, gyro devices, and many other tech and aerospace products. The company has an annual revenue of over $1.5 billion and has more than 10,000 employees (Petkauskas, 2023). The company’s manufactured technology is vital in various industries such as automobiles, flight control and navigation, industrial machinery, mobile devices, and space electronics. JAE is also a major defense contractor, contributing aerospace products and other technology to support national defense capabilities. 

 ALPHV/BlackCat ransomware group has been active since 2021 and operates as a ransomware-as-a-service (Raas) business. The group has recently gained notoriety from their attacks on MGM Resorts and Caesars Entertainment. This ransomware group is identified as one of the most active gangs, victimizing nearly 317 organizations worldwide in the last 12 months alone (Petkauskas, 2023). 

Impact:

The cyberattack on JAE resulted in a substantial impact on the company’s operations. In response to the attack, JAE suspended their global website to prevent any further unauthorized access. The suspension aimed to safeguard against potential infiltration of the website by the attackers. Additionally, the attacker’s infiltration caused issues with email communication, as some online systems were suspended as well. This resulted in delays with sending and receiving emails internally and externally, client communication, and business operations. While JAE has indicated that no information has leaked so far, the ransomware group claimed to steal sensitive documents, blueprints, contracts, and confidential messages, which leads to a possibility of a potential data leak. The potential exposure of blueprints and proprietary information could pose a significant threat to JAE’s competitive edge in the industry. Beyond operational disruptions, this attack also inflicted financial and reputational damages to JAE. The suspension of operations and the threat of data exposure contribute to potential financial losses including the cost of incident response, system restoration, and the possibility of legal action. The reputational damage, especially in an industry noted for reliability, can have lasting effects on client relationships and market perception. The compromise of critical infrastructure within the aerospace and electronics industry extends beyond this incident. It raises broader issues relating to national security and defense. The interconnectedness of supply chains within these industries contributes to the potential for cascading effects that not only impact JAE, but also other companies in the industry. 

Significance:

As a major aerospace and electronics manufacturer, JAE holds a crucial role in supporting national defense capabilities. JAE’s products and technology contribute to the development of national defense systems. The compromise of critical infrastructure raises concerns regarding potential vulnerabilities in defense systems and other sensitive technologies. The interconnectedness of the aerospace and electronics sectors working as defense contractors further introduces the potential ramifications of a broad data breach, which could put national security in jeopardy. A single data breach could set off a chain reaction, leading to a series of cyber-attacks and breaches on other companies within the same industry. The cyberattack on JAE serves as a reminder of the evolving tactics used by cyber threats. As attackers continue to refine their methods, the cyber threat landscape will be increasingly more sophisticated. The need for cybersecurity awareness is needed not only within organizations, but across industries on a national level.

References:

Greig, J. (2023, November 7). Japan Aviation Electronics says servers accessed during cyberattack. The Record from Recorded Future News. https://therecord.media/japan-aviation-electronics-says-servers-accessed-during-cyberattack

Petkauskas, V. (2023). Major Japanese defense contractor breached by ALPHV – Cybernews. https://cybernews.com/news/major-japanese-defense-contractor-breached-by-alphv/

Regarding unauthorized access to our server: Connectors – jae japan aviation electronics industry, ltd.. Japan Aviation Electronics Industry, Ltd. (n.d.). https://www.jae.com/en/topics/detail/id=104180

Staff, S. (2023, November 8). Cyberattack against Japan Aviation Electronics claimed by ALPHV/BlackCat. SC Media. https://www.scmagazine.com/brief/cyberattack-against-japan-aviation-electronics-claimed-by-alphv-blackcat 

Related Posts