|
| Confidential information about power plant
security has been released onto the internet. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
companies of the importance of computer security after it was
revealed that sensitive information about power plants has been
leaked onto the internet from a virus-infected computer for the
second time in less than four months.
According to a Japanese media
report, sensitive security information about a thermoelectric
power plant run by the Chubu Electric Power Company has been leaked
onto the internet following a virus infection.
The virus, which has not been named in the reports, is said to
have spread documents regarding the plant's security arrangements,
the names and addresses of its security personnel, and other
confidential information via the popular Share file-sharing
program. The incident occurred after the 40-year-old security
employee installed Share on his computer in March.
Only four months ago, the power company suffered from a similar
problem when they announced
that more sensitive information was leaked via the Winny
file-sharing program. At the time the company said it would
prohibit the installation of file-sharing software on employees'
computers and better educate its staff regarding safe use of the
business's data.
"There have been a series of viruses written specifically to
leak information from infected PCs onto Japanese file-sharing
networks, causing embarrassing headlines for the companies
concerned. Questions will surely be asked whether sufficient steps
were taken to curb the problem back in January," said Graham Cluley, senior
technology consultant for Sophos. "Data breaches like this are
serious, and catapult sensitive information that should be kept
confidential into the public domain for anyone to download. All
businesses need to take steps to ensure that employees' use of
company data is secured and controlled."
The power plant data breach is just the latest in a series of
high profile cases where viruses have leaked information from
organizations in Japan:
- Last month, a Japanese anti-virus company admitted that internal
documents and customer information had been leaked after one of its
employees failed to install anti-virus software.
- Earlier this year, Sophos described
how information about Japanese sex victims was leaked by a virus
after a police investigator's computer had been infected.
- In June 2005, Sophos reported
that nuclear power plant secrets had been leaked from a computer
belonging to an employee of Mitsubishi Electric Plant
Engineering.
- The police force in Kyoto, Japan, were left with red faces
after a virus spread
information about their "most wanted" suspect list in April
2004.
Sophos recommends companies protect their email gateways,
desktops and servers with an automatically updated consolidated solution to defend against the
threats of viruses, spyware and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.