Japan was likely caught flat-footed by a recent spate of cyber attacks against the heart of its government and defence industry, experts said, warning that the country's credibility and diplomatic relations could suffer unless prompt countermeasures were put in place. Chief Cabinet Secretary Osamu Fujimura said on Wednesday that the foreign ministry and some Japanese embassies had come under attack since June. Earlier on Tuesday Asahi newspaper reported that hackers have targeted computer networks at Japan's lower house of parliament since July.
The hackings follow an attack on Mitsubishi Heavy Industries Ltd, Japan's biggest defence contractor. In response, the government on Tuesday brought forward the launch, originally planned for next year, of a framework that will share information on cyber attacks and discuss defences among private and public sector participants, including the trade ministry. A trade ministry official, however, told Reuters that the framework would not have the authority to prescribe official steps against cyber attacks. “Government reaction to these attacks seem slow. Their response needs to be better managed. They also need technological improvements,” said Makoto Miyoshi, president of I.S. Rating, a company that rates information security.
One problem could be multitude of government bodies that deal with cyber security. Those include the trade ministry, the police and military, and the National Information Security Center (NISC), which is under the Cabinet Secretariat. “The way cyber security is conducted in Japan needs an overhaul. For example one body, like NISC, may need be allowed to make crucial decisions. Otherwise Japan will always remain on the back foot,” said Miyoshi. “Attacks on government institutions hurt Japan's international credibility. Japan also risks straining ties with the United States if it can't protect military information.” Experts said expertise and technology from the private sector would be crucial if the government wanted to shore up its defences in the cyber world. “The government has not shown much initiative so far and judging from their past inability to deal with social change it will try to deal each attack with stop gap measures,” said Itsuro Nishimoto, a chief technical officer at cyber security company LAC. “It cannot go it alone, and it could use information provided by the private sector to prevent attacks preemptively.” Nishimoto, who described the recent attacks as a new form of international espionage, added: “If Japan wants to seriously counter these cyber attacks, it will have to go on the offensive and strike at the base of the attacks. It then has to be prepared to disclose to the world where the attacks are coming from.”
Asahi said that an attack on a parliament member's computer infected by an intruding virus was linked to servers in China, though it was hard to tell who placed the programme there. Japanese official, however, did not point at any destination as source of the attacks.