Public-Private Info-Sharing Key to Cyber Defense;Govt Aims to Streamline System for Reporting Incidents

The Yomiuri Shimbun
Digital information minister Taro Kono, second from left, greets participants on Monday at a meeting of an expert panel discussing the introduction of an “active cyber defense” system aimed at preventing critical cyber-attacks.

The importance of information-sharing between the public and private sectors for the sake of cyber security was highlighted in an expert panel’s Monday discussion of the introduction of an “active cyber defense” system aimed at preventing and responding to cyber-attacks.

It is an urgent task for the government to break down administrative silos and build a system in which the public can feel advantages.

Public-private collaboration stalled

“How can we improve our response capabilities in the field of cybersecurity? I’d like to listen to your ideas on what roles the industrial and business worlds expect the government to play, and what kind of system is desired. I’d like you to discuss this candidly,” digital information minister Taro Kono said at the start of the meeting.

The expert panel decided to seek opinions from the Japan Business Federation (Keidanren) and others because of concerns that public-private collaboration in the field is not functioning well.

Currently, when critical infrastructure, such as electricity, telecommunications or water utilities, suffers damage in a cyber-attack, individual operators are expected to send reports to the relevant authorities, such as the Economy, Trade and Industry Ministry and the Internal Affairs and Communications Ministry. The information will subsequently be consolidated by the National Center for Incident Readiness and Strategy for Cybersecurity (NISC).

However, infrastructure operators are not legally obliged to make reports to the NISC, and it has been said that information sharing has been inadequate both among government bodies and between the public and private sectors.

Cyber threats ‘ordinary occurrences’

A spate of cybersecurity breaches have been reported in the country. In June, a ransomware attack on media group Kadokawa came to light, and part of the group’s main businesses, such as video distribution and printed matter distribution, was forced out of service, resulting in its stock price falling. A Russian-related hacker group is suspected to have been involved.

“Cyber-attack threats have become ordinary occurrences,” said a senior official of the Defense Ministry. The government has a strong sense of crisis because if key infrastructure is damaged, it will throw society into serious confusion and could hinder activities of the Self-Defense Forces and the U.S. forces stationed in Japan in the event of an emergency.

Sensitive information to be shared

In an effort to enhance capabilities to respond to cyber-attacks, the government plans to set up a new public-private consultative body in accordance with the introduction of active cyber defense.

The consultative body is expected to be comprised of operators of crucial infrastructure and the NISC, which is to be reorganized. In the event of cyber-attacks, the new body will be the government’s sole point of contact to receive reports from the infrastructure operators. In addition, it is planned to make the operators legally obliged to report cyber-attacks to the government under the new system.

The government is also considering installing sensors at operators’ key facilities in order to instantly share information once suspicious communications are identified. The government is also eyeing providing assistance to the operators when serious damage is reported.

At the expert panel meeting on Monday, one participant stressed the need to standardize the form of reports, in addition to centralizing the point of contact. Another called for a budget appropriation for training cyber experts at universities.

The NISC is already providing information on cyber-attacks. On June 25, it called for vigilance against a new type of cyber-attack in which malware remains within a system and collects information. The method is used by the hacker group Volt Typhoon, which receives assistance from China.

The envisaged consultative body will take additional steps. It is expected to provide the private sector with sensitive information the government has received from the United States and elsewhere, such as on methods of cyber-attacks.

“[The envisaged body] will dramatically boost the level of public-private collaboration,” a high-ranking government official said confidently.

As a security measure, the government is considering requiring private-sector participants to obtain certificates under the security clearance system for individuals who are allowed to handle important information related to economic security.