The recent wave of cyberattacks against Japanese businesses has exposed critical weaknesse
corporate digital defenses, fueling fears of further disruption to sales and supply chains.I
n the past month, Asahi Group Holdings Ltd. was forced to take its distribution system offline and revert to phone ord
ers for beer and beverages after a ransomware attack, while retailers relying on Askul Corp. lost access to their e-commerce platforms.
The surge reflects a combination of factors, including the rise of post-pandemic remote work, greater use o
f cryptocurrency and artif
tors to communicate with their victims and claim ransoms, according to security experts. There were 116 reported cases of ra
nsomware attacks in the first half of the year, matching a record last seen in 2022, data from the Tokyo Metropolitan Police Department show.
“There’s definitely been a trend for Japanese companies to be targeted more and more,” said Lauro Burkart, a Singapore-based official with Israeli cybersecurity fi
rm Sygnia Consulting Ltd. The country has “a lot of lucrative targets,” he said.
In a typical ransomware attack, hackers block access to important files or systems and demand payment in return to restore access.
Askul’s incident left Muji, the minimalist household goods retailer operated by Ryohin Keikaku Co., a
See more beautiful photo albums Here >>>
nd department store company Sogo & Seibu Co. without the ability to sell online. Although the recent
incidents were temporary and mainly hit shopping, manufacture
rs with weaker systems could face deeper disruptions, threatening their bottom lines.
Corpo
ws and limited English proficiency used to be unintentional prot
ective barriers, according to Nobuo Miwa, president of Tokyo-based cybersecurity firm S&J Corp. Ransomware ga
ngs often overlooked targets in the country because many were unfamiliar with crypto payments, making it more difficult for them to pay.
“I’ve actually received multiple inquiries from companies saying they want to pay and asking how to do it,” Miwa said.
The Port of Nagoya, one of Japan’s biggest container terminals, was forced to suspend operations in
2023 after a ransomware attack disrupted communication syste
ms. Entertainment and publishing company Kadokawa Corp. suffered a breach last year that leaked data on more than 250,000 people.
Japanese corporate structures compound the risk, said Tetsutaro Uehara, a member of a government panel on cybersecurity and professor of information technology and engineering at Ritsumeikan University.
“Japan’s biggest issue is how companies tend to throw everything to their system integrators,” Uehara said, ad
ding that this reduces in-house cybersecurity expertise. “IT isn’t integrated into corporate strategy, and chief information officers tend to be either symbolic or absent.”
According to a report by San Francisco-based software firm Fastly Inc., roughly 46% of Japanese comp
anies have appointed a chief information security officer, or CISO, compared with the global average of about 70%.
Despite the recent spate of attacks, Japan and the region remain relatively small compared to the scale of cybercrime in North America, which accounted for 64
% of victims globally in September, according to a report by Check Point Software Technologies Ltd. The Asia-Pacific region represented 12%, the Tel Aviv-based security software provider said.