Japan Digitalization and Cyberthreats

The Government of Japan (GOJ) launched on September 1, 2021 a new Digital Agency that will aim to accelerate digital transformation in the government and private sector. But with growing digitalization in society – accelerated by increased telework and use of virtual tools during the Covid pandemic – has come increased need for effective cybersecurity.

According to Japan’s Information-technology Promotion Agency (IPA) “10 Major Security Threats 2021” report, ransomware attacks are the most commonly occurring cybersecurity breach, followed by confidential information theft by advanced persistent threat (APT).  Lack of security in telework environments and supply-chain weakness are other risks.

Given that telework practices were adopted so suddenly as the pandemic began, companies and other organizations often did not implement adequate security systems and ransomware countermeasures. Overseas subsidiaries appear particularly vulnerable.  For example, a U.S. subsidiary of HOYA Corporation, a Japanese manufacturer of optical and glass products, was attacked by ransomware in April 2021, with customer information stolen.  Kajima Corporation, a leading general construction company, also had a cyberattack via its overseas subsidiary, in March 2021.  Sensitive information, including non-disclosure agreements and contact information were, disclosed on the dark web.  And in November 2020, Capcom, a large video game company in Japan, was hit by a ransomware attack and personal information was leaked.

According to industry reports, more than 50 percent of Japanese companies have experienced some form or ransomware attack.  The GOJ and industry groups have urged company leaders to develop and enhance cybersecurity strategies to protect corporate assets.  

For more information about cybersecurity market developments in Japan, please contact the U.S. Commercial Service at Yasue.Morimoto@trade.gov.