Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Japan Cyber Security. Show all posts
MirrorFace
Cyber Defence Cyber Security DDoS Hacker attack Hacker group Japan Japan Cyber Security MirrorFace

Japan’s New Active Cyber Defence Strategy to Counter Growing Threats

 

Japan is taking decisive steps to enhance its cybersecurity through a new strategy of “active cyber defence.” This approach enables authorized hackers working for the police or Self-Defence Forces (SDF) to infiltrate servers and neutralize cyber-attack sources before they cause significant damage. The ruling Liberal Democratic Party (LDP), led by Prime Minister Shigeru Ishiba, plans to introduce relevant legislation during the current parliamentary session. The urgency for stronger cybersecurity measures has escalated due to recent attacks. 

The National Police Agency (NPA) revealed that the Chinese state-linked hacking group MirrorFace was responsible for over 200 cyberattacks targeting Japan’s foreign ministries and semiconductor industry between 2019 and 2024. Additionally, cyber incursions since late December 2024 disrupted financial services, delayed flights, and exposed vulnerabilities in Japan’s critical infrastructure. Japan’s revised 2022 National Security Strategy identifies cyberattacks as a growing threat, likening cross-border hacks of civilian infrastructure to intimidation tactics that stop short of war. 

This has prompted Japan to expand its SDF cyber unit from 620 members in March 2024 to about 2,400 today, with plans to reach 4,000 personnel by 2028. However, this remains small compared to China’s estimated 30,000-member cyber-attack force. The proposed active defence strategy aims to bolster cooperation between public and private sectors, focusing on safeguarding critical infrastructure, such as energy, transportation, finance, and telecommunications. Japan also plans to establish a National Cyber Security Office in 2025 to coordinate cybersecurity policy, identify vulnerabilities, and advise private sector organizations. 

To prevent misuse, strict safeguards will accompany the strategy. Hackers will need prior approval to break into servers unless immediate action is required during active attacks. Penalties will address excessive monitoring or personal data leaks, ensuring transparency and public trust. Trend Micro’s recent findings underscore the importance of these measures. The security firm attributed recent cyberattacks to distributed denial-of-service (DDoS) campaigns launched by botnets. These attacks overwhelmed network servers with data, causing widespread disruptions to services like Japan Airlines and major banks. 

While Japan’s proactive approach is a significant step forward, experts like Professor Kazuto Suzuki caution that it may not deter all attackers. He notes that cyber deterrence is challenging due to the unpredictability of attackers’ methods. However, this strategy is expected to instill some fear of retaliation among hackers and strengthen Japan’s cybersecurity posture. As cyber threats evolve, Japan’s active defence initiative represents a critical effort to protect its infrastructure, economy, and national security from escalating digital risks.
Read more »
Telegram
Check Point Cyber Crime DDOS Attacks Japan Cyber Security Killnet Russian Hackers Telegram

Killnet Targets Japanese Government Websites

According to investigation sources on Wednesday, the Tokyo Metropolitan Police Department intends to look into the recent website outages of the Japanese government and other websites that may have been brought on by cyberattacks by a Russian hacker organization.  

As per Chief Cabinet Secretary Hirokazu Matsuno, the government is apparently investigating if issues with the aforementioned sites were brought on by a denial-of-service (DDoS) attack. 

As per experts, access to the government's e-Gov portal website, which provides a wealth of administrative information, temporarily proved challenging on Tuesday.  

The pro-Russian hacker collective Killnet claimed responsibility for the attack and alleged it had attacked the electronic system of the tax authority and Japan's online public services in a post on the messaging app Telegram. Furthermore, it appeared that the hacker collective wrote that it was an uprising over Japan's 'militarism' and that it kicked the samurai. 
 
However, as per Sergey Shykevich, manager of Check Point Software's threat intelligence group, Killnet was likely responsible for these attacks.  

Killnet's justification for these strikes, according to Shykevich, "is owing to Japan's support of Ukraine in the ongoing Russia-Ukraine war, as well as a decades-long dispute over the Kuril Islands, which both sides claim control over."

As per the sources, the MPD will look into the cases by gathering specific data from the affected businesses and government bodies. The National Police Agency will assess whether the hack on the e-Gov website qualified as a disruption that materially impairs the operation of the government's primary information system as defined by the police statute, which was updated in April.

The cybersecurity expert added that firms in nations under attack by Killnet should be aware of the risks because the group employs a variety of tactics, such as data theft and disruptive attacks, to achieve its objectives. 

Following a recent large-scale attack by Killnet on websites in Italy, Lithuania, Estonia, Poland, and Norway, there have been allegations of attacks targeting Japanese government websites.





Read more »
Japan Cyber Security
Data Breach data security Fake Apps Japan Cyber Security

New Android Spyware Threat Poses as Antivirus in Japan

 

Japanese cybersecurity intelligence recently identified the latest advanced mutant of the FakeCop info stealer impersonating a legit privacy service provider Android app by NTT Docomo known as ‘Anshin Security.’ 

In the wake of the attack other antivirus service companies are on red alert as spyware acquires a wide range of users’ data by promising protection against the spyware. The fake app offers an anti-virus tool against the spyware but it instead installs malware on the user’s device. 

According to the cybersecurity firm Cyble, spyware sends a malicious APK in phishing links via email or SMS imitating the Japanese company KDDI. Alongside, the malware has also been identified as being recorded on 22 out of 62 AV engines on VirusTotal, which hints at the fact that the malware has been developed to stay hidden across many parameters. 

Hackers collect confidential information of users such as contacts, accounts information, SMS, and apps list. It does not end here, hackers also alter or delete SMSs in the device database, device hardware information (IMEI), and send SMS without the user’s knowledge. 

Further, for users' safety, the organization will look into other antivirus software and flag them as malicious. Users are suggested to remove the current app and use the latest versions of Google Play Protect, activate them. Lastly, users are also recommended to avoid clicking on unidentified links.

Security experts say that supposedly, FakeCop has similar origins as Flubot and Medusa as similar to these two malware, it also employs free dynamic DNS 'duckdns.org' to deliver.
Read more »
Russia
Cyber Security Japan Japan Cyber Security National Cyber Security Russia

Japan mentioned Russia in its new cybersecurity strategy

The Japanese government on Tuesday officially approved a new three-year cybersecurity strategy, where Russia, China and North Korea are mentioned for the first time as potential sources of hacker attacks. The document is published on the website of the Cyber Strategic Headquarters of Japan.

Japanese Foreign Minister Toshimitsu Motegi said at a press conference in Tokyo that the sphere related to security guarantees is expanding. The importance of such areas such as cyberspace and space security is growing.

According to him, the security situation around Japan is becoming increasingly severe. It is believed that China, Russia and North Korea are strengthening their potential in cyberspace, and the instability of the world order is also increasing.

He added that Japan, based on the adopted strategy, will increase its capabilities to counter attacks by foreign hackers.

The document claims that China conducts cyber attacks in order to obtain military and other advanced technologies, and Russia allegedly to achieve beneficial military and political goals in other countries. According to the approved strategy, to strengthen the cyber potential, Japan intends to work closely with the participants of the Quadrilateral Security Dialogue, which also includes Australia, India and the United States.

It should be noted that in Japan, more than 4 thousand attempts of illegal penetration into various computer networks and systems are recorded annually. In particular, large electrical engineering corporations NEC and Mitsubishi Electric have become victims of intruders in recent years.

Western countries have repeatedly made allegations that Russia is involved in various cyber attacks, including against US government agencies and companies. The Russian side has consistently denied these accusations. In particular, the press secretary of the President of the Russian Federation Dmitry Peskov said earlier that Moscow is not involved in such hacker attacks.

Read more »
Subscribe to: Posts (Atom)