Govt to Offer Cybersecurity for Infrastructure Operators; Hospitals, Water Utilities to be Protected from Malware

The Yomiuri Shimbun

15:15 JST, May 15, 2024

The government will begin offering a free cybersecurity service to medical institutions and other operators of critical infrastructure as well as universities and research institutes, according to government sources.

The service is intended to prevent connections to malicious websites, which contain malware designed to steal information. The government aims to create a system to protect infrastructure that directly affects people’s lives.

The government has judged it necessary to take new measures against cyber-attacks as it is becoming increasingly wary of attacks aimed at stealing information related to advanced technologies.

The National center of Incident readiness and Strategy for Cybersecurity (NISC) has allocated ¥4.93 billion in this fiscal year’s budget to strengthen cybersecurity at government agencies and other bodies. NISC plans to implement the envisaged free cybersecurity service as part of specific measures.

While critical infrastructure operators as well as universities and research institutes have taken measures to defend against cyber-attacks, the government will provide more capable services to raise the overall level of cybersecurity in Japan, which is said to be vulnerable. Through these measures, the government also aims to prevent the outflow of cutting-edge technology to outside parties.

The planned service, called the Protective Domain Name System, or Protective DNS, is already being introduced in the United States, the United Kingdom and other countries. If a user is mistakenly going to connect to a phishing site that steals personal information through a URL sent by email or other means, the system will block the connection or issue a warning. A warning is also displayed if a user tries to download a suspicious file likely to contain malware.

The service is expected to be provided to operators of infrastructure such as medical institutions and water utilities, in which malfunctions would have a significant impact on people’s lives. It will also likely be offered to universities, research institutes and independent administrative institutions engaged in advanced technology research. The government will call for the use of the service through the Cabinet Office, the Education, Culture, Sports, Science and Technology Ministry and other relevant ministries and agencies.

Information on malicious sites obtained through the use of the service will be accumulated and analyzed by NISC and will also be used to further improve the service’s capabilities.

In recent years, there have been a series of cyber-attacks on medical institutions, universities and research institutes. In March, a medical institution in Kagoshima Prefecture was attacked and was forced to restrict some of its medical services.