APAC CYBER SECURITY SHOW: JAPAN IN FOCUS

In this episode of the Biztech’s APAC Cyber Security Show, experts shed light on the cybersecurity landscape in Japan and discussed the implications of a ransomware attack on the country’s largest port, Nagoya. The conversation featured Mihoko Matsubara, Chief Cybersecurity Strategist at NTT Corporation, and Benjamin Aang, Head of Cyber and Homeland Defense at the Centre of Excellence for National Security in Singapore.

Here are the key takeaways from their discussion:

Ransomware Attack on Nagoya Port:

The port of Nagoya experienced a ransomware attack, causing disruptions to its cargo container shipping operations. The attack, attributed to a group called Rockbit, highlighted the growing sophistication of ransomware tactics, including double and triple extortion. These methods involve not only encrypting data but also stealing and threatening to release it or using it to pressure victims into paying the ransom.

Increasing Threats to Japanese Businesses:

Ransomware attacks in Japan have been on the rise, impacting not only major corporations but also small and medium-sized enterprises. The Japanese National Police Agency’s statistics reveal a steady increase in reported ransomware attacks over the past few years. This shift emphasizes the need for heightened cybersecurity measures across all sectors.

Heightened Cybersecurity Awareness:

The average Japanese consumer demonstrates a greater awareness of cybersecurity compared to other parts of Southeast Asia or the APAC region. This heightened awareness can be attributed, in part, to the preparations for the Tokyo 2020 Summer Olympic Games. With the Olympics serving as a platform for political and technological advancements, cybersecurity became a critical aspect of hosting the event and welcoming international visitors.

Importance of Cyber Hygiene and Incident Response:

To protect businesses from ransomware attacks and effectively respond if targeted, organizations must prioritize cybersecurity best practices. This includes raising awareness of basic cyber hygiene among employees and implementing incident response plans. Regular cyber exercises involving not only IT teams but also communications and legal teams are crucial to building resilience and ensuring a coordinated response in the face of an attack.

Cross-Sector Collaboration:

As ransomware attacks have the potential to impact critical infrastructure sectors, fostering cross-sector collaboration is essential. Learning from incidents like the Colonial Pipeline attack, it is vital for organizations in energy, finance, transportation, and other sectors to engage in cross-sectoral cyber exercises. Such exercises promote preparedness, improve response capabilities, and mitigate the cascading effects that cyber threats can have on interconnected systems.

Involving Communication Teams in Cyber Exercises:

Cyber exercises should not be limited to technical teams alone. Communication teams play a critical role in managing the repercussions of cyber-attacks, even though they may not possess deep technical expertise. By involving them in cyber exercises, organizations can enhance their understanding of potential risks, response protocols, and the importance of timely and accurate communication during a cyber incident.