The Internal Affairs and Communications Ministry is planning to carry out mock cyberattack tests on the computer networks of local governments in fiscal 2025. This initiative aims to enhance the security of local governments by identifying system vulnerabilities. The ministry has included a budget request for this project, although the specific amount has not been disclosed.
In light of recent events, such as the ransomware attack on media and digital business group Kadokawa Corp., where personal information of approximately 250,000 individuals was stolen, it has become crucial to strengthen security measures. Local governments have already implemented measures to prevent network intrusions by detecting unauthorized access or suspicious emails. These security enhancements were prompted by a previous breach that affected Japan Pension Service in 2015.
However, concerns remain regarding potential compromises in residents’ personal information if any unnoticed vulnerabilities exist within local government security systems. To address this issue, the ministry plans to conduct penetration tests that simulate internet-based attacks. These tests will be modeled after similar assessments carried out on central government agencies.
Importantly, these mock cyberattacks will be conducted in a manner that does not disrupt resident services. The ministry intends to gather feedback from participating local governments regarding their concerns and requests before finalizing the targets and methods for these simulated attacks.
By conducting these mock cyberattack tests, the Internal Affairs and Communications Ministry aims to proactively identify weaknesses in local government systems’ security infrastructure and take appropriate measures to mitigate potential risks.