Government and private sources have indicated that Chinese state-backed hackers are believed to be responsible for this breach, which began in autumn and was only discovered in June. The incident has raised significant concerns about Japan’s cybersecurity, particularly as it deepens military cooperation with the US and other allies.

Japan’s cybersecurity data breach a stark reminder of global cyber risk

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has suffered a major cyberattack that went undetected for about nine months, potentially exposing sensitive data.

Government and private sources have indicated that Chinese state-backed hackers are believed to be responsible for this breach, which began in autumn and was only discovered in June. The incident has raised significant concerns about Japan’s cybersecurity, particularly as it deepens military cooperation with the US and other allies.

The timing of this breach is significant as Japan engages in overseas collaboration initiatives, such as a joint fighter project with the UK and Italy that involves sharing top-secret technological data. Adding to the sensitivity of the incident, cybersecurity experts in the US and UK have expressed reservations about Japan’s ability to secure such data in recent times.

Doubts were voiced following reports of a massive cyberattack on Japan’s defence networks by Chinese military hackers in late 2020 and a recent ransomware attack on the port of Nagoya, possibly by Russian actors. NISC disclosed in August that personal data related to email exchanges from October to June may have been compromised in a breach that seems to have originated from an individual staff member’s email account.

NISC, a unit within the Japanese government, has since begun an investigation to determine whether hackers accessed other sensitive servers within the government building.

Although an official at NISC did not confirm the identity of the hackers, some sources suggest Chinese involvement, citing the style of attack and the target’s nature. China’s foreign affairs ministry has denied responsibility, instead pointing the finger at US cyber espionage against Japan.

More broadly, Japan’s efforts to enhance its cybersecurity capabilities have been hindered by a shortage of personnel and digital expertise. The country has focused on expanding and training its cyber unit within the Self-Defence Forces, which remains significantly smaller than its counterparts in the US and China.

Know the risks

News of the cyberattack on Japan’s NISC raises serious concerns about the country’s cybersecurity preparedness, but it also serves as a reminder of the cybersecurity risks that organisations across all sectors face. 

These themes are addressed next month at #Risk Amsterdamwhere experts will debate the global cyber-threat and what companies can do to shore up digital defences.

Not to be missed:

  • Session: Harmony or Chaos? The Future of Privacy – What to Expect in 2024 and Beyond
  • Date: Wednesday 27 September, 2023
  • Location: Privacy, Security & ESG Theatre
  • Time: 11:00pm – 12:00pm (CET)

In this roundtable discussion, data protection leaders discuss the future of privacy, focusing on upcoming developments in privacy laws and technologies, and helping you understand how your organisation can prepare for these changes.

  • Session: Head in the Clouds: Strategies for Protecting Data and Infrastructure
  • Date: Thursday 28 September, 2023
  • Location: Privacy, Security & ESG Theatre
  • Time: 14:00pm – 15:00pm (CET)

CLICK HERE FOR THE FULL #RISK AMSTERDAM AGENDA

Panellists examine the unique challenges of securing data and infrastructure in the cloud, and provide insights into the strategies and tools you can use to protect against cyber threats. 

Focus falls on the role of cloud service providers in ensuring the security of their platforms, and the importance of collaboration and communication between organisations and their cloud service providers.

Attendees will gain a comprehensive understanding of the challenges and opportunities of cybersecurity in the cloud, and learn about the strategies and tools available for protecting your organisation’s data and infrastructure.

With over 50 exhibitors, keynote presentations from over 100 experts and thought leaders, panel discussions, and breakout sessions, #Risk Amsterdam 2023 is the perfect place to learn about the present and future risk landscape.

Click here to register for #RISK Amsterdam

RISK-Amsterdam-black

Do you know what data is being used to ‘train’ the AI in your organisation? 

Do you have a process for managing ‘risk’ in the use of AI? 

Are employees being trained in the use of AI? 

Attend #RISK to learn & knowledge share:

Learn more about #RISK Amsterdam – 27th & 28th September 2023

LEARN MORE ABOUT #RISK LONDON  – 18th & 19th October 2023

RISK-LONDON+BLK