Cyber Defense: Swiftly Detect Signs of Attacks

Editorial

15:00 JST, November 30, 2024

There have been many cyberattacks on government organizations and critical infrastructure one after another. To prevent large-scale damage, it is important to quickly detect signs of attacks.

The government’s panel of experts that has been studying the introduction of an “active cyber defense” system to prevent serious cyberattacks has compiled its proposal.

The panel emphasized that the government should monitor cyberspace on a day-to-day basis, and, if it detects signs of an attack, it should be able to break into the other party’s system and neutralize it.

The panel also called for the government to make it mandatory for “core infrastructure providers” in 15 industries, including electricity, telecommunications and finance, to report promptly to the government if they are attacked.

It must be said that Japan’s defense capabilities in cyberspace are weak. The Japan Aerospace Exploration Agency (JAXA) has been the target of cyberattacks on numerous occasions since last year, and personal information on its staff has been compromised. Last year, the system at the Port of Nagoya stopped functioning due to a cyberattack.

Until now, Japan has dealt with cyberattacks only after they have occurred, based on the principle of a defense-only security policy. However, given the increasing threat, it is necessary to detect signs of an attack at an early stage and take preventive measures.

To achieve this, the government needs to obtain transmitted information from service providers. However, at present, service providers are unable to provide information in principle, based on the “secrecy of any means of communication” stipulated in the Constitution.

In this regard, the expert panel explicitly stated in its proposal that “the secrecy of communications is subject to necessary and reasonable restrictions for the public welfare.” To dispel concerns about invasions of privacy, the panel also proposed the establishment of a third-party organization to oversee the operation of the entire system.

It is the responsibility of the government to eliminate threats in cyberspace. To gain a broad understanding of specific measures related to this responsibility, the envisioned third-party organization has to have a high degree of independence.

In addition to the system design, the actual operation of the system is important, but there remain concerns about coordination within the government.

The proposal states that the police should be responsible for defense “first,” and that the “Self-Defense Forces should join in when necessary.”

In recent years, the police authorities, which have been strengthening their preparations for cybercrime and infrastructure attacks, seem to be trying to take control of the whole of cyber measures. This must not end up as a turf war.

In the initial stages of a cyberattack, it is unclear whether it is a domestic crime or a potential military threat. Exchanging information with allies and friendly nations is essential.

The entire government, including not only the Defense Ministry, but also the Foreign and Justice ministries, should build a system to deal with threats.

(From The Yomiuri Shimbun, Nov. 30, 2024)