The platforms of most Japanese political parties in the run-up to Sunday’s lower house elections emphasize the importance of strengthening the country’s cybersecurity capabilities amid growing threats from abroad.
The focus is on whether the next administration will aim to pass a bill introducing “active cyber defense,” a concept that would take preemptive measures, such as shutting down an enemy’s server with a computer virus, if necessary, if signs of a cyber attack are detected. One.
As the skills of cyber hackers become more sophisticated, Japan is exhibiting greater vulnerabilities that could lead to large-scale national security and information breaches, extortion, or disruption to critical infrastructure.
A photo taken on January 23, 2024 shows a new base established by GMO Internet Group, Inc. in Tokyo to combat cyber attacks. (joint)
Japan lags behind other developed countries in the cyber field, as limited public-private cooperation and constitutional constraints prevent the accumulation of knowledge about attack capabilities and the government’s ability to gather signals intelligence.
Earlier this month, Shigeru Ishiba, in his first parliamentary policy speech since becoming prime minister, stated, “In order to strengthen the country’s cybersecurity, we will accelerate discussions on the introduction of active cyber defense.”
His comments are reflected in the ruling party’s election platform released on October 10, which emphasizes the need for active cyber defense to raise Japan’s cybersecurity capabilities to at least the level of the United States and major European countries. I am doing it.
Discussions are likely to accelerate in Japan as well. Both the ruling and opposition parties are pushing for legislation, and the Liberal Democratic Party-led government may aim to pass a bill to introduce active cyber defense by the end of this year.
February 5, 2024, Tokyo Metropolitan Police Department and private companies conduct training to deal with cyber attacks (Kyodo News)
Other political parties, including the Liberal Democratic Party’s junior coalition partner Komeito and the opposition Democratic Party of Japan, have also emphasized the need to acquire active cyber defense capabilities for Japan’s economic security.
The main opposition parties, the Constitutional Democratic Party of Japan and the Japan Restoration Party, have not directly mentioned these actions, but both argue that Japan needs to take measures to protect its cyber domain.
The Japanese government updated its national security strategy at the end of 2022. Former Prime Minister Fumio Kishida has promised to introduce aggressive cyber defenses to proactively protect “national security infrastructure” and introduce related legislation early this year.
However, the Kishida administration postponed submitting the bill to the Diet, and there was growing concern among members of the ruling party that the bill could violate the confidentiality of communications guaranteed by the Constitution.
In August, a government panel of experts issued an interim report saying that while monitoring foreign communications is particularly important, collecting personal information from email and other systems during surveillance activities is inappropriate.
Souda Yukimi, chief cybersecurity evangelist at Proofpoint Japan, said the problem could be solved if governments looked at private metadata, which describes, for example, when and where an electronic or digital record was sent, rather than its contents. He said it was possible.
The bill is seen as essential to combating the rise in cyberattacks from countries such as China, Russia and North Korea, which have publicly and secretly supported hacking organizations working in their national interests.
As a recent trend, there has been a sharp increase in ransomware attacks in which attackers hold users’ systems and data hostage by encrypting content and demanding money in exchange for the decryption key, said NTT Corp.’s Chief Cyber Security Officer. said Mihoko Matsubara, security strategist.
According to Japan’s National Police Agency, the number of ransomware attacks remains high, with 114 incidents reported in the first half of this year, up from 94 in the second half of 2023. The data stolen in these attacks is said to be publicly available on the dark web.
According to Sota, Russia has significantly stepped up its cyberattacks since the February 2022 invasion of Ukraine in retaliation against countries that imposed economic sanctions on Russia, while China has strengthened its People’s Liberation Army’s cyber force. It is said that there is.
A screenshot taken on June 27, 2024 shows a message from a Russian-linked hacker group that claimed responsibility for a cyberattack on Japanese video streaming site Niconico. (joint)
In one obvious example, a Russian-linked hacker group called BlackSuit launched a brutal ransomware attack on servers in the data center of Japanese publisher Kadokawa Shoten, threatening to destroy the company’s video streaming website NicoNico in 2024. It was forced to suspend operations.
Sota said he realized that Conti, the predecessor to Black Suits, had ties to Russia’s Federal Security Service after analyzing files and data that were intentionally leaked online by former members of the former organization.
Citing the 2023 incident in Nagoya Port where Toyota Motor Corporation’s shipping hub ship was unable to load and unload containers due to a ransomware attack, Matsubara said that cyberattacks by such groups could disrupt Japan’s “supply chain.” ‘ he warned.
The Japan Aerospace Exploration Agency has also been hit by multiple cyberattacks since 2023. JAXA’s systems, which the agency announced in July did not contain “classified information” related to space operations, were apparently compromised by Chinese hackers.
“Protecting our way of life and the critical infrastructure that supports both our daily activities and national security from destructive cyberattacks in the digital age is becoming increasingly difficult,” Matsubara said. “That’s why I believe active cyber defense aims to minimize harm to the nation.” Security due to cyber attack. ”
