In response to a surge in cyber attacks targeting its critical infrastructure, Japan is adopting a new strategy of active cyber defense. This proactive approach aims to bolster the country’s cybersecurity framework and mitigate risks to its crucial sectors.
Rising Cyber Threats
Surge in Cyber Attacks
In recent years, Japan has experienced a significant increase in cyber attacks against its government ministries, semiconductor industry, financial services, and aviation sector. Notably, a Chinese state-linked hacking group, MirrorFace, has been identified for numerous attacks between 2019 and 2024, targeting national security and advanced technology interests. The sophistication of these attacks underscores a substantial national security risk.
High-Profile Incidents
A series of high-profile cyber incidents have highlighted the need for an overhaul of Japan’s cyber defense approach. For instance, a December 2024 attack caused major disruptions in banking services and delayed numerous Japan Airlines flights. Additionally, a 2023 attack by a Russian-led cybercrime organization on the Port of Nagoya paralyzed operations for over 48 hours, emphasizing the vulnerability of Japan’s critical infrastructure.
Legislative Measures
Drafting New Bills
Japan’s ruling Liberal Democratic Party, led by Prime Minister Shigeru Ishiba, has drafted bills to enable an active cyber defense strategy. This strategy involves sanctioned hackers employed by the police or Self-Defense Forces (SDF) to neutralize cyber threats preemptively. These measures will be discussed in the parliamentary session starting on January 24.
National Security Strategy
Japan’s revised National Security Strategy document in 2022 recognized cross-border cyber attacks on critical civilian infrastructure as a “grey-zone” threat. This recognition has propelled Japan toward adopting more aggressive cyber defense tactics to prevent severe consequences without escalating to full-scale warfare.
Enhancing Cyber Defense Capabilities
Expanding Cyber Units
To address its vulnerabilities, Japan is significantly boosting its human resources in the cyber defense domain. The Ministry of Defense has increased the SDF’s cyber unit from 620 personnel in March 2024 to about 2,400 currently, with plans to expand further to 4,000 by March 2028. This expansion aims to bring Japan’s cyber defense capabilities on par with Western countries like the US and France.
Public-Private Partnerships
The active cyber defense strategy emphasizes strengthening public-private partnerships, particularly in 15 core infrastructure sectors such as electricity, gas, railways, shipping, aviation, telecommunications, and finance. The establishment of a National Cyber Security Office in 2025 will serve as a central hub for cybersecurity policy, providing guidance on vulnerabilities and advising on bug fixes.
Addressing Ethical and Practical Challenges
Safeguards and Penalties
To address concerns about potential overreach in surveillance, safeguards will be implemented. Sanctioned hackers would require prior approval to hack into servers suspected of harboring malicious activities, except in instances necessitating immediate action. Penalties will be instituted to prevent excessive monitoring and protect personal information.
Expert Opinions
Experts like Professor Kazuto Suzuki from the University of Tokyo highlight that while an active cyber defense strategy may introduce an element of deterrence, it alone may not suffice. The real challenge lies in the unpredictability of attackers’ methods and intentions, making it difficult to design a foolproof defensive strategy.
Evidence of Targeted Attacks
MirrorFace Campaign
The urgency for passing the planned bills is driven by tangible evidence of targeted attacks involving sophisticated methods. The National Police Agency confirmed Chinese government involvement in the MirrorFace campaign, labeling it as organized espionage. Attackers used phishing emails with compromising attachments, often mimicking trusted addresses to bypass security measures.
DDoS Attacks
Trend Micro’s investigations into recent DDoS attacks that disrupted services like those of JAL, financial institutions, and the Japan Weather Association represent another layer of the complex cyber threat landscape. Such attacks were orchestrated using botnets—a network of hijacked devices used en masse to flood target servers with traffic, causing them to malfunction.
Future Outlook
Proactive Measures
Japan’s new strategy reflects its acknowledgment of vulnerabilities and a decisive shift towards stronger cyber deterrents. By adopting an active cyber defense posture, Japan aims to mitigate risks to its critical infrastructure, safeguard sensitive information, and foster resilience against future cyber warfare.
National Cyber Security Office
In light of a surge in cyber attacks on vital sectors, Japan is shifting towards a new strategy known as active cyber defense. This policy aims to proactively strengthen the country’s cybersecurity measures, focusing on preventing future breaches and mitigating risks to its essential infrastructure. Japan, like many nations, faces increasing threats from cyber criminals who target critical systems that manage everything from energy to finance. By adopting this forward-thinking approach, Japan plans to not only defend but also counteract potentially devastating cyber threats. This initiative includes enhancing coordination between government agencies and private sectors and investing in advanced technology and workforce training for cybersecurity. Additionally, the government seeks to build international alliances to share information and strategies for combating cyber threats globally. This shift reflects Japan’s recognition that traditional defensive measures alone are insufficient in the current threat landscape. The new active cyber defense strategy represents a comprehensive effort to secure the nation’s digital infrastructure against ever-evolving cyber threats. Through this approach, Japan aims to ensure the safety and reliability of its critical systems, safeguarding both economic stability and national security.
