14 DAY TRIAL // Usernames and passwords belonging to the lawmakers of Japan were stolen after a cyberattack targeted the Lower House computer network.
According to The Asahi Shimbun, the network had been vulnerable from August and until the hit was discovered cybercriminals had access to official emails and documents that belonged to the members of the institution.
It looks as the infection originated from a malicious email that tricked someone into opening a virus-containing attachment back in July. As a result, a server and some PCs were infected with a password-stealing trojan that got its juice from China.
It was enough for a single computer to get infected and the virus started spreading with ease throughout the entire infrastructure.
Unfortunately for them, the server contained ID codes and passwords which allowed the mastermind behind the operation to roam freely and access classified data.
It's very likely that the attack truly originated from China, as we all know the Chinese are certainly not saints, but that doesn't mean that someone else couldn't have planted a couple of bots there.
There is also the possibility that a regular “civilian” virus got by accident on the computers of the Japanese parliament and once the cyberattacker realized what he'd found he took advantage.
An attack doesn't necessarily has to target a company. It may very well end up there by mistake as we've all seen what unknowing employees might cause when they're not properly trained to handle Internet threats.
Sensitive information stolen from a company or even a state institution might worth nothing to a hacker, but it can surely be valuable for competitors. Cyber thieves will in many cases go after an organization with the intention of selling their findings to the highest bidder and the bigger the victim is, the more likely he will find a customer for his loot.