Mitsubishi Electric, which manufactures electronic goods ranging from household items to defense equipment, announced that they were the victims of a cyber-attack sometime last year. The intrusion came to light for the company last June when it detected unauthorized access to an in-house terminal, described by the company as “suspicious movement” without any further details to clarify what happened. It is possible that the company detected an attacker with control of a workstation leveraging stolen credentials to access the terminal, which is a common attacker technique known as lateral movement. Mitsubishi confirmed that there was no breach of sensitive data related to infrastructure projects that it is involved in but did state that it may have compromised both personal data of employees and “corporate data.” No further details of how the initial infection took place or what kind of “corporate data” that were targeted have been released at this time.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased