Mitsubishi Needs a Mainframe (Updated)

Mitsubishi Heavy Industries (MHI), Japan's top defense contractor, has discovered targeted viruses on more than 80 of its servers and PCs. Japanese Defense Minister Yasuo Ichikawa is assuring the public that the viruses didn't transmit the weapons plans stored on those computers to another party, but the truth is that nobody knows for sure yet. The Japanese government has ordered MHI to undertake a full investigation, and ministers are quite angry MHI didn't report the incident much earlier. It's an extremely serious security breach.

The Chinese government denies that it was responsible for the viruses. However, most governments spy on other governments. There are other reported attacks targeting defense contractors and Japanese government agencies, but the perpetrator is still unknown.

I know a bit about MHI. MHI is a very big, complex company. Among its many subsidiaries and affiliated companies, MHI has some in-house information technology talent, and some of their people have strong IBM mainframe skills. Unfortunately, as evident in press accounts, MHI did not employ an IBM mainframe as its secure system of record for these weapon designs, which include designs for submarines, missiles, and destroyers. I hope that MHI will leverage its own mainframe-skilled people to support these high security requirements and other mission-critical applications. While the incident is quite bad, the important part now is to learn and to adapt — and to use the right server technology for the mission.

See also Sony Needs a Mainframe and About "(Blank) Needs a Mainframe."

UPDATE #1: DigiNotar, the Dutch certificate authority (which reminds me of CardSystems), is now bankrupt. Hackers penetrated DigiNotar then generated signed SSL certificates which resembled authentic security certificates for Google, Facebook, Yahoo!, and other major Web sites. Hundreds of thousands of people, many in Iran, probably including many democratic movement leaders, then had their formerly secure Web browser sessions intercepted through so-called "man in the middle" attacks. Considering the results of a security audit, DigiNotar needed a mainframe. But it's too late for DigiNotar.

UPDATE #2: Microsoft, which I mentioned last month, still needs a mainframe.

by Timothy Sipples September 20, 2011 in Security


TrackBack URL for this entry:

Listed below are links to weblogs that reference Mitsubishi Needs a Mainframe (Updated):


great list, there are things on there that I haven’t thought about before

Posted by: Locksmith in Charlotte Nc | Sep 25, 2011 11:01:57 PM

This is a massive worry and it's not the first time i have heard this.

Posted by: Skip Hire | Oct 24, 2011 5:51:54 AM

The comments to this entry are closed.

The postings on this site are our own and don’t necessarily represent the positions, strategies or opinions of our employers.
© Copyright 2005 the respective authors of the Mainframe Weblog.