Worries about cyberattacks on computer systems of government organizations and private enterprises are rising after a series of such attacks on government organizations in June, for which an international hackers’ group, Anonymous, hinted that it was responsible.
Still the serious nature of cyberattacks is not widely recognized in Japan. The government and the private sector need to rouse public awareness about threats from cyberattacks, hold informed discussions and take necessary measures to protect themselves against such attacks.
In late June, false information was found written into part of the state property information disclosure system of the Finance Ministry’s homepage. Trouble also occurred on the homepages of the Supreme Court and the infrastructure and transport ministry. The hackers’ group Anonymous carried a statement on the Internet hinting that it was responsible.
More serious incidents occurred from 2010 to 2011. A large amount of data was transmitted to the computer systems of the prime minister’s office, the National Police Agency and the Defense Agency. Viruses hit defense contractors Mitsubishi Heavy Industries Ltd. and IHI Corp. as well as Japanese diplomatic missions in various parts of the world. The viruses that attacked MHI directed the infected computers to transmit data overseas.
There are cases in which cyberattacks are not immediately noticed. There is the possibility that important data are stolen over a long time while the attacked parties are unaware. The possibility cannot be ruled out that serious cyberattacks will be launched against the financial system, the electricity supply system and city water systems of a nation.
The American mass media found out that the United States and Israel jointly carried out a cyberattack against the computer system of an Iranian nuclear development facility in 2010, changing the rotation rate of centrifugal separators to enrich uranium and destroying many of them.
Following the cyberattacks in June, the government set up an emergency support team under the Cabinet Secretariat to make full preparations against cyberattacks on government organizations. Although the Defense Ministry mentions cooperation with the U.S. in cyberspace in its new defense program outline adopted in late 2010, it has yet to take concrete steps.
On July 12, the National Police Agency told the police nationwide to prepare agreements with enterprises likely to be cyberattack targets so that they will convey necessary information to the police. Enterprises often refrain from disclosing damage from cyberattacks, for fear that their public reputation might be tarnished. This practice should stop. On the same day, the trade and industry ministry, the communications ministry and four information security organizations formed a consultative body to analyze cyberattacks. It is hoped that this body will speedily work out measures to strengthen defense against cyberattacks.