Slashdot Mirror
Mitsubishi Hack Stole Nuclear, Defense Data
judgecorp writes "When Mitsubishi announced in September it had been hacked in August it was criticized for keeping quiet for a month. Now it appears that the attackers got nuclear power plant and military aircraft details according to sources quoted in the Japanese media."
I can speak from a little bit (and I stress 'little bit') of inside information on this particular topic in that MHI spends far less on IT than you could possibly imagine. What's more, their reliance on outside sources for their services and support is frightening.
At the end of the day, we live in the information age and the most precious things we have is information. And to spend as little as they do protecting it, one has to think they are doing it wrong and suffer from some really bad or old ideas.
But you know, Japan is pretty bad about that in general. They are still largely a "job for life" company which means their business culture doesn't vary much. They don't see or understand how others do it. So whatever service and support they get, it's "normal" to them. And new ideas are foreign ideas... and we already know how they are about foreign ideas.
It actually kinda makes me angry that they sat on the information the way they did... same as the way TEPCO sat on critical data and information surrounding the Fukushima disaster. And I have to say that it was "confirmed" in August that it happened. Do you have any idea how long it takes for them to "confirm" something like this? In my experience, they first got the hint probably a month prior or even more. Their notion of proof requires a LOT of evidence -- they are very thorough, detailed and complete in this way.
TEPCO and MHI were and are very slow to respond to emergencies and care more for their "face saving" than resolving problems. Perhaps I am just an American judging them by American standards and ideals. But I have to say I believe resolving the problems and learning important lessons would come first with me and it doesn't seem to come first with them.
I grew up in the States but am east Asian by ethnicity/heritage and have some knowledge of east Asian culture (though obviously my parents didn't think too highly of it, otherwise they probably would've made a more concerted effort to educate/indoctrinate me about it).
The concept is quite simple, it's primarily about bolstering external perception in order to promote the reputation of a group that one self-identities with - be that the family, the company, or the country. You define an in-group and an out-group, and within the in-group honesty and transparency is permitted (at least with respect to the domain of the in-group, you're not going to be sharing family secrets with your co-workers, for example). However, when it comes to the out-group, every effort is made to give the appearance that activities within the in-group are efficient, successful, "harmonious" (i.e. lack of conflict between members of the in-group) - in other words, bury all dirty secrets and make everything look utopian, even if it isn't. Transparency is discouraged because it is bad PR, and members of the out-group (i.e. the rest of society) are expected to have lower expectations as to the amount of information that is provided through "official" channels. So in order to obtain such information, members of the out-group turn to gossip, espionage, etc.
I wouldn't say that "Western" culture (I hate that term because I reject the existence of that distinction as philosophically valid) doesn't practice "face-saving" to some degree, it just isn't taken to the extremes that it is in east Asia because of societal expectations regarding transparency and accountability. I for one think that this is one area where people in China, Korea, and Japan can learn a lot from "Western" countries. After all, face-saving is simply an aspect of tribalism, institutionalized.
Cogito, ergo sum, fosho!