In a recent incident that shook Japan’s cybersecurity landscape, the Port of Nagoya, the country’s largest port, fell victim to a ransomware attack. The attack, carried out using the Lockbit 3.0 ransomware, resulted in a two-day halt of operations, causing significant disruptions to exports and imports, including those of renowned automaker Toyota.
This event, although not an isolated case, marked a turning point for Japan’s cybersecurity vulnerabilities. Cyberattacks have been on the rise across the nation, with the National Police Agency reporting 230 ransomware attacks in 2022 alone.
Ransomware, a malicious software that encrypts data and demands payment for its release, has become a pressing concern in Japan. According to Paul S. Ziegler, the founder and CEO of cybersecurity consulting company Reflare, ransomware attacks have become increasingly prevalent globally, and the Lockbit 3.0 ransomware is among the more sophisticated tools available to cybercriminals.
Identifying the perpetrators of such attacks and determining their motives is a challenging task. The Port of Nagoya incident was characterized as a “run of the mill” attack by Ziegler, highlighting the broader threat landscape that Japan faces in cyberspace.
Japan’s journey towards bolstering its cybersecurity defenses has seen progress over the past decade. However, there is still room for improvement. A notable issue lies in the aversion to change among Japanese corporations, many of which continue to rely on outdated technology and systems that are less secure.
Ziegler emphasizes the need for a paradigm shift in Japan’s approach to cybersecurity. He suggests that the country must embrace digitalization and transition from outdated technologies like floppy disks to more secure transmission systems. Additionally, age-oriented hierarchies within companies must be reevaluated to empower IT teams and foster a culture of cybersecurity awareness.
Small and medium-sized companies face particular challenges in enhancing their cybersecurity measures. Tetsutaro Uehara, a professor of information security at Ritsumeikan University, highlights the decreased level of security in smaller companies due to the lack of dedicated IT personnel. This vulnerability leaves them susceptible to recurring attacks, as seen in the case of Kojima Industries.
Similar vulnerabilities extend to local municipality offices and hospitals, where the absence of IT professionals heightens the risk of cyberattacks. Uehara emphasizes the importance of organizations finding individuals with the necessary skill set to protect their information systems, as cyberattacks continue to escalate in Japan.
Recognizing the urgency of the situation, the Japanese government has taken steps to combat cyber threats. Various departments, including the National Center of Incident Readiness and Strategy for Cybersecurity (NISC), have established dedicated cyberattack prevention teams. Naohiko Kakimi, a public relations official at NISC, highlights the rapid development and increasing complexity of cyberattacks. The government aims to raise awareness among all agencies regarding cyberattack prevention measures and continuously strengthen its own defenses.
While Japan has made strides in improving its cybersecurity, the recent ransomware attack on the Port of Nagoya serves as a reminder of the ongoing risks. The nation must address its aversion to change, bolster the cybersecurity measures of small and medium-sized businesses, and continue to invest in building a resilient cybersecurity framework. By doing so, Japan can enhance its position in the global fight against cyber threats and safeguard its critical infrastructure and sensitive data.