Japan considers creating new cyber defence agency as attacks ramp up in region

Japan is reportedly considering establishing a new organisation to protect the nation against cyber attacks, after the country has suffered a number of major incidents in the past few years.

If the country proceeds with the plans, the new unit will be created within the National Security Secretariat, a department that leads Japan's National Security Council, and tasked with advancing its cyber security capabilities.

The organisation will oversee cyber security across Japan's military and its National Police Agency if plans to establish it go ahead, according to a government source who spoke to Kyodo News.

To create the new organisation, the government is currently developing a new security budget for 2024. It’s set to expand on the function of the current National Center of Incident Readiness and Strategy for Cybersecurity (NISC).

NISC is responsible for promoting cyber security policies across the government and sharing information on attacks with ministries, agencies, and businesses.

Taking a proactive approach to cyber defence is not typically part of the NISC's remit, but powers are being proposed to give the new body the freedom to actively pre-empt and stop attacks before they reach Japan's systems.

The head of the new organisation will aim to strengthen the country’s response to cyber attacks by increasing cross-border collaboration and intelligence-sharing between Japan and its counterparts in the US and European cyber security agencies.

This comes as Asia moved into first place as the most-attacked global region in 2021, being the targeted in 26% of all cyber attacks, according to IBM’s Security X-Force Threat Intelligence Index 2022 report. Japan, Australia, and India are the three most attacked countries in the region.

Additionally, the average ransom demand for Japanese businesses was around 26 times greater than for UK organisations in 2021. Research from Sophos, published in April 2022, found that organisations in Japan paid the highest ransoms in the world in 2021, with the average payment recorded at around $4,327,024 (£3,440,330).

The creation of the new body may be spurred by the increasing number of cyber attacks that have hit Japan recently. In May 2021, the country's government had its data leaked when hackers gained access to Fujitsu’s project management platform. One ministry said that it had suffered a data breach, with around 76,000 email addresses exposed.

The month after, Fujifilm was hit by a potential ransomware attack, forcing it to shut down part of its network.

In 2022, Bandai Namco confirmed in July that it had been a victim of a cyber attack. Several of its companies in Asian regions were breached by a third party earlier in the month. Some reports suggested that AlphV, or BlackCat, were the ransomware group behind the attack.

The government also came under attack this year when in September investigations focused on the pro-Russia Killnet group launching cyber attacks on government websites.

It had problems accessing more than 20 websites across four ministries, an incident which was thought to be caused by denial of service attacks (DDoS). The Tokyo police launched an investigation into the attacks as well.