Fujitsu shuts down ProjectWEB after a massive hack

The hack was aimed at Japanese government agencies

Tech giant Fujitsu suffers from a cyber attack

In the wake of a massive cyberattack, Japanese tech-giant Fujitsu^[1] has temporarily closed its cloud-based enterprise collaboration and file-sharing platform ProjectWEB. It was running since the mid-2000 and is a very popular software-as-a-service (SaaS) platform that both the private sector and various Japanese government entities use. It allows organizations and companies to exchange information internally.

Representatives of the tech giant have reported that cybercriminals have gained access to the ProjectWEB and may have stolen a lot of sensitive data. However, it is not yet known how the hackers gained access, either through a vulnerability or supply-chain attack. The whole magnitude of the attack is yet to be determined as the investigations are still ongoing.

Either way, Fujitsu's platform is closed, pending further notice. The company has stated:^[2]

Fujitsu is currently conducting a thorough review of this incident, and we are in close consultation with the Japanese authorities. As a precautionary measure, we have suspended [the] use of this tool, and we have informed any potentially impacted customers.

Hackers gained access to multiple Japanese institutions inside information

Cabinet Cyber ​​Security Center (NISC) is investigating the cyberattack which occurred on May 24, 2021. The Ministry of Land, Infrastructure, Transport, and Tourism has confirmed that, as far as they know, at least 76,000 email addresses and proprietary information were stolen. It was reported^[3] that the attack affected these Japanese government institutions:

• Ministry of Land, Infrastructure, Transport, and Tourism;
• The Ministry of Foreign Affairs;
• The Cabinet Secretariat;
• The Narita Airport.

Despite the stolen email addresses and proprietary information, such as email system settings, the cybercriminals also managed to get their hands on data from the Narita Airport, located near Tokyo. According to reports,^[4] the data included flight schedules, air traffic control data, and information on business operations.

Although Japanese authorities investigating the incident didn't yet disclose whether anything is known about the assailants, all affected parties have been informed about taking precautionary measures and instructed to disclose information about any breaches or data leakage.

Cybercriminals are looking for vulnerabilities to attack government offices

Some cybercriminals are attacking companies and governments driven by money, some by fame, while others could do it just for the fun of it. Fujitsu hack isn't the first attack against Japanese government institutions, as a bit earlier this year, another file-sharing platform, called FileZen, was breached.

The popular file-sharing network appliance is created by the Soliton company and helps interested parties to overcome size limitations by sharing large files. The assailants were exploiting two vulnerabilities in the system to steal sensitive data from businesses and government organizations. It was reported^[5] that one of the affected institutions was the Japanese Prime Minister’s Cabinet Office. Further details about the incident were not disclosed.

The Fujitsu hack and the FileZen attack are similar to the Acceliomn cyberattacks (also known as FTA Zero-day attacks), which happened earlier this year. But Japanese government agencies aren't the only ones being targeted by cybercriminals. Last year, Canon Inc, a Japanese multinational corporation specializing in optical, imaging, and industrial products, was hit by a ransomware attack, which has paralyzed its US website, email services, and various internal applications.