Japan seen lagging in cyberdefense issues

The Yomiuri Shimbun

Wednesday marked six months since Russia invaded Ukraine. Since the conflict began, new modes of war and related defense issues have come to light. This article will examine statements from various sources and explore possible lessons for Japan.

In the morning of Feb. 16, eight days before Russia moved against its smaller neighbor, Hiroshima Prefecture began to experience distributed denial of service (DDoS) attacks, in which massive amounts of data are sent to computer servers with the aim of crippling systems. The prefectural government and all 23 municipalities in the prefecture were repeatedly targeted every 30 to 60 minutes. The digital onslaught lasted until March 5, destabilizing connections to the bodies’ respective websites.

Since February, there have been numerous cyber-attacks on municipalities and companies across the country.

On Feb. 26, it was learned that a firm that supplies components to Toyota Motor Corp. had experienced cyber-attacks, forcing all 14 of Toyota’s domestic factories to temporarily suspend production.

According to an emergency survey of 1,547 Japan-based companies conducted by Teikoku Databank Ltd. in March, 30% of respondents said they had been attacked within the last month. Many cyber-experts suspect possible Russian involvement, given the timing of the attacks and other reasons.

More recently, many Taiwanese public institutions were subjected to large-scale cyber-attacks before and after U.S. House Speaker Nancy Pelosi’s visit to Taiwan on Aug. 2-3. A public screen was hacked to display a message mocking her visit, saying “The old witch’s visit to Taiwan is a serious provocation to the sovereignty of the Motherland.”

The number of attempts to damage systems operated by Taiwan public institutions was 23 times higher than normal. A Chinese hacker group calling itself APT 27 claimed on YouTube responsibility for the latest attacks.

In the case of a Taiwan contingency, it is expected that hybrid warfare using cyber-attacks and information warfare as well as weapons would presage full-scale hostilities. Some believe that “initial attacks” to Japan have already been prepared.

A source close to the Defense Ministry expressed concern, saying, “There’s already malware planted inside systems for key infrastructure.” Observers say if tension between Japan and China were to heighten, such malware could be activated, seriously impacting electricity and water supplies, and other infrastructure.

Keio University Prof. Satoru Tezuka, an expert in cyber-issues, said: “At present, Japan wouldn’t be able to withstand attacks as intense as those buffeting Ukraine. If a contingency occurs in Taiwan and we find ourselves with no electrical power, it’ll already be too late.”

Prior to Russia’s invasion, Ukraine was inundated with computer viruses. U.S. information technology companies and the U.S. military helped Ukraine with its cyberdefense.

If serious trouble unfolds in Taiwan, the United States may be willing to support Japan, but Tokyo is reportedly reticent about accepting such help. “The United States is our ally, but it would be difficult to expose the vulnerabilities in our systems to other countries,” a government source said.

The National Defense Program Guidelines, approved by the Cabinet in December 2018, positions space, cyberspace and the electromagnetic spectrum as new domains in need of enhanced defense capabilities. Surveillance from space, data gathering and defense using cybertechnology and electromagnetic spectrum will be key factors in combatting information warfare. When Russia invaded Ukraine, the United States disclosed confidential information gathered through such means and dismissed false information from Russia, thus gaining the edge in the information battle.

It has been pointed out that Japan lags in key areas, especially the cyber-arena, making it an urgent issue for the government to address related shortcomings.

Former U.S. Director of National Intelligence Dennis Blair — who also served as commander of the U.S. forces in the Pacific region — delivered a speech at the Liberal Democratic Party’s headquarters in April, saying Japan’s cyberdefense capabilities were wanting and the main weakness in the Japan-U.S. alliance. Blair flagged a lack of government authority, insufficient legislation, and a shortage of relevant organizations and personnel. Former defense ministers listening to the speech were said to have turned pale with shock.

The U.S. Department of Homeland Security and the U.S. Cyber Command cooperate to formulate responses to cyber-attacks targeting key infrastructure. In Japan, the National Center of Incident Readiness and Strategy for Cybersecurity constantly monitors and analyzes communications of government ministries and agencies while sharing information and offering advice when issues arise. However, when government bodies or private companies are hit by a cyber-attack, it is up to each organization to fashion its own response.

The Defense Ministry launched a cyberdefense command unit in March, tasked primarily with defending the Self-Defense Forces’ computer networks. In this connection, Japan’s bureaucratic sectionalism is seen as a challenge: The Internal Affairs and Communications Ministry is in charge of information and communications; the Land, Infrastructure, Transport and Tourism Ministry oversees aviation and railways; and the Economy, Trade and Industry Ministry takes the lead in electricity and gas.

The LDP has proposed revisions to three documents related to defense matters — including the National Security Strategy — that are scheduled to be made by the end of this year. The proposal includes the adoption of “active cyberdefense.” The move is aimed at supplanting Japan’s traditional after-the-fact response to cyber-attacks with constant monitoring for signs of possible strikes, by gaining access to remote systems to help identify and expose digital assailants.

However, such actions are not possible under the current legal system. Privacy of communications — including in the digital world — is guaranteed under the Constitution, making it difficult to monitor communications and identify the source of attacks. Hacking into an aggressor’s server could infringe the law on prohibition of unauthorized computer access. In light of these circumstances, it is necessary to develop legislation on the role and authority of the state vis-a-vis the cyberworld and other issues.

Japan presently lacks a sense of urgency, despite the ongoing risk of cyber-attacks causing serious damage to key infrastructure. Without quick action, the nation may suffer irreparable damage.