Cyber-attacks were launched against three major banks and three TV broadcasters in South Korea on March 20, and North Korea is suspected of being the perpetrator. There is also a report that the Chinese military is likely to be involved in many cyber-attacks against the United States.
Japanese government organizations and private companies were also targeted by cyber-attacks. For example, defense contractors such as Mitsubishi Heavy Industries Ltd., IHI Corp. and Kawasaki Heavy Industries Ltd. reported cyber-attacks against them in 2011.
It is imperative that the government and businesses develop a heightened awareness of the danger from cyber-attacks and cyber-espionage and take protective measures as needed.
They should be prepared to cope not only with the theft of important information, including intellectual property, but also with the paralysis of critical social and business infrastructure, including banking systems, caused by cyber-attacks.
According to the South Korean government, malware pretending to be virus vaccine programs infected the servers of the banks and the broadcasters. The infection spread to some 32,000 online terminal units, including automatic teller machines.
Circumstantial evidence does not rule out the possibility that North Korea is behind the cyber-attacks against the South Korean organizations. North Korea started nurturing experts of cyber warfare in the 1980s and is now estimated to have 12,000 to 30,000 such experts. There is the view that its cyber-attack capability is larger than South Korea’s.
North Korea has been deeply isolated in the international community — with United Nations-initiated economic sanctions slapped on it because of its nuclear weapon and missile programs — and is stepping up bellicose rhetoric against South Korea and the U.S.
In February 2013, U.S. cyber-security company Mandiant issued a report stating that Unit 61398 of the People’s Liberation Army on the outskirts of Shanghai is likely to have had a hand in the attacks against the U.S. The report said that the main purpose of the attacks is the theft of business secrets from U.S. companies.
In Japan, the Defense Ministry plans to establish a cyber space defense unit under the fiscal 2013 budget. Information on cyber-attacks held by the air, ground and maritime branches of the Self-Defense Forces will be integrated to the unit. The unit will monitor the computer networks of the ministry and the SDF as well as cope with cyber-attacks.
The National Police Agency has decided to establish special units for the investigation of cyber-attacks at 13 major police headquarters across Japan this month, with 140 specialists manning them.
Enterprises and government ministries and agencies need to nurture experts who can defend against cyber-attacks, because clearly there is a shortage of such experts in Japan. Cooperation among them are also needed. They should notify each other as soon as they are targeted by cyber-attacks so that they can build necessary defense in time. There cannot be too much caution against cyber-attacks.