Companies should speed up efforts to counter threats

Since Russia’s invasion of Ukraine began, cyber-attacks on companies have become conspicuous. It is hoped that firms will be aware of the increased risks and urgently prepare for possible attacks.

In late March, the government called on companies to strengthen their cybersecurity measures. This is the third time such an alert has been issued since late February.

The government was prompted to warn companies because Russia could retaliate over the sanctions imposed against it, and criminal groups could take advantage of the chaos.

In late February, Kojima Industries Corp., which supplies resin parts and other equipment to Toyota Motor Corp., was hit by a computer virus. With the supply of parts disrupted, all of Toyota’s domestic plants were forced to shut down.

The German unit of major auto parts maker Denso Corp. is also believed to have had an unauthorized access that resulted in some internal information leaking in mid-March. Toei Animation Co. said its internal system had been hacked, disrupting the broadcasting of its animated cartoons.

In particular, ransomware attacks, in which perpetrators encrypt data and demand a ransom to restore access to the data, have been on the rise. Companies must review their measures and raise their alert levels.

According to a survey conducted by a private research firm in mid-March, about 30% of companies that responded said they had been targeted by a cyber-attack in the previous month. In the survey, many companies said they had received more suspicious emails since the Russian invasion began.

Manufacturers’ supply chains have become complicated. Because companies’ overseas bases, subcontractors and other entities that were inadequately prepared for possible cyber-attacks have been targeted in particular, the damage could spread. It is crucial that companies take measures across their entire supply networks, which include suppliers.

The government has urged companies to instill a sense of urgency about cyber-attacks among employees first and foremost. The methods used in cyber-attacks have become more sophisticated, such as sending emails purporting to be replies from business partners.

Companies need to thoroughly ensure that they do not neglect to update their computer software and urge their employees not to open email attachments carelessly or be directed to fake sites.

The role of law enforcement is also important to prevent cyber-attacks. A special investigative unit for cybercrimes was launched at the National Police Agency this month. It is hoped that the police will improve their investigative capabilities and do their utmost to detect criminals.

Companies hit by cyber-attacks should also cooperate fully with investigators.

The government has established the National Center of Incident Readiness and Strategy for Cybersecurity as a command tower, and the Self-Defense Forces’ special unit was set up to counter cyber-attacks. However, some observers say that cybersecurity measures have been taken up slowly due to a lack of the sharing of information. It is essential that government bodies strengthen their cooperation.

(From The Yomiuri Shimbun, April 4, 2022)