Initial Disclosure Date: Jan 20, 2014
It is believed that a major Japanese publisher, KADOKAWA’s website (http://www.kadokawa.co.jp) was compromised between 0049JST on January 7 and 1307 JST on January 8, 2014. During that time, approximately 10,000 accesses were made to the website in total. A non-KADOKAWA employee emailed the company to notify the possibility of the hacking around 1100 JST on the 8th. KADOKAWA had its outsourced company to maintain its server to start investigation at 1130 JST. The contractor confirmed the incident, fixed the issue at 1307 JST, and finished taking security procedures at 1642 JST on January 8.(footnote:1)
According to a Symantec Official Blog dated January 14th, the culprit exploited five vulnerabilities of the website such as Java and Adobe Flash Player and lured website visitors to two malicious fake online banking websites which host Gongda Exploit Kit in order to steal their ID and passwords. One of them is a local Japanese bank probably because its security level is not as robust as major banks. The Symantec blog did not identify what is “a major Japanese book publisher and distributor” is at that point.(footnote:2)
At 2118 JST on January 16, NHK News reported that the hacked website belongs to KADOKAWA.(footnote:3) After that, KADOKAWA finally released an online apology and report about the incident at 2300 JST. The company insisted that they had not confirmed any leak on personally identifiable information as of January 16th.(footnote:4) However, the press release did not explain what kind of damage malware infection would bring.(footnote:5) KADOKAWA’s Public Relations says that the culprit hacked the server, not stealing the FTP password.(footnote:6)
The Public Relations admitted that it was problematic to take nine days to release the fact after the incident and the company should have issued a warning at much earlier timing.(footnote:7) Since it is becoming more difficult to prevent cyber-attacks, it is more important to enhance capabilities to respond to such attacks and recover from damages.
Sources:
日立システムズは、システムのコンサルティングから構築、導入、運用、そして保守まで、ITライフサイクルの全領域をカバーした真のワンストップサービスを提供します。