Cyberattacks: Build Defense Systems for Key Elements of Infrastructure

Editorial

15:41 JST, December 28, 2024

Elements of the nation’s critical infrastructure — an airline and a bank — were hit by a series of cyberattacks at the end of the year. Who launched these attacks? And for what purpose? Urgent efforts must be made to clarify the actual situation and improve defense systems.

On Dec. 26, Japan Airlines Co. and MUFG Bank announced they had been hit by separate cyberattacks. Both are believed to have been hit by a distributed denial of service (DDoS) attack, in which large amounts of data are sent to paralyze systems.

At JAL, baggage checking and other service systems at airports nationwide were disrupted, causing many delays in domestic and international flights and forcing the cancellation of some flights. At MUFG Bank, it became difficult to log in to online banking services.

According to JAL, flight operation systems were not affected and safety was not compromised. MUFG Bank reportedly has not identified any leakage of personal data or other problems so far.

Even so, the fact that key parts of infrastructure were targeted by the cyberattacks indicates a threat to the lives of the public. There is no telling when a similar attack may occur again.

The number of people traveling during the year-end and New Year periods is especially high and confusion can easily spread. Moreover, companies’ systems tend to be weak. Each company needs to make sure that it has a system in place to respond appropriately in the event of being attacked.

The Metropolitan Police Department has begun an investigation into the latest cyberattacks as a possible case of suspected obstruction of business by damaging a computer. First, it is important to analyze communication records and identify the sources. It is essential to clarify the framework of the crime, such as what kind of organization is involved and what the aim is.

In Japan, in recent years, besides DDoS attacks, there have been many cases of damage from ransomware attacks in which perpetrators encrypt the victim’s confidential data and demand a ransom to restore access to it. Elements of infrastructure, including hospitals and ports, have been targeted, temporarily disrupting their operations.

Many of the attacks are carried out from overseas. It is hoped that the police will work in close cooperation with the investigative agencies of other countries to uncover attackers.

Just strengthening corporate countermeasures and improving investigative capabilities is no longer sufficient to deal with the threat of cyberattacks. There may be limits to dealing with attacks after the targets are attacked.

The government is considering the introduction of an “active cyber defense” system to monitor communications and — when there are signs of a serious attack — penetrate and neutralize the servers of sources. JAL and MUFG Bank, the two companies targeted this time, are expected to be among the operators designated for protection with active cyber defense.

Unless the signs of an attack can be quickly identified, it will not lead to active cyber defense. The government should investigate whether it would have been possible for active cyber defense to deal with the attacks this time and make use of the results in the future.

(From The Yomiuri Shimbun, Dec. 28, 2024)