Japan

サイバー犯罪組織「フォボス」のロシア人、韓国から米当局に身柄引き渡し…国際捜査に警察庁も参画

Yomiuri Shimbun | Local Language | News | Nov. 21, 2024 | Cyber Attacks and Data Loss

The National Police Agency extradited a 42-year-old Russian man to U.S. authorities for operating the cybercrime group "Phobos," notorious for ransomware attacks. This extradition follows an international investigation that has uncovered around 70 cases of related damage in Japan. Ransomware encrypts sensitive data, leading to demands for payment to regain access.

The individual, identified as the Phobos leader, is accused of selling ransomware and managing the organization. Since its inception in 2018, Phobos has allegedly extorted over $16 million from more than 1,000 victims globally, including government agencies, hospitals, and schools. The investigation involved 10 countries and was coordinated by the U.S. Federal Bureau of Investigation (FBI).

Tracing the IP address linked to the attacks confirmed the man's involvement, resulting in his capture in South Korea before being handed over to U.S. authorities. A notable incident tied to Phobos occurred in October 2010 when a ransomware attack led to significant disruptions at the Osaka Acute and General Medical Center, halting surgery and outpatient services due to a system failure.

浦安市立小学校における不正アクセス等事案に関する第三者調査委員会

Urayasu City | Local Language | CityState | Nov. 21, 2024 | Privacy

The Third-Party Investigation Committee has been established to address unauthorized access incidents at Urayasu Municipal Elementary School. Its main purpose is to conduct an impartial investigation into a personnel dispute involving teaching staff, following an incident linked to a former instructor from Chiba Prefecture.

Officially formed on September 30, 2024, the committee oversees the investigation, verification, evaluation, and recommendations related to the personnel dispute. Committee meetings are confidential due to the sensitive nature of personal information, as per the Urayasu City Information Disclosure Ordinance.

The committee consists of three members whose term lasts until the report's completion, with compensation set at 25,000 yen per day for the chairman and 24,500 yen for other members. The General Affairs Section within the Education General Affairs Department manages the committee's operations.

Materials related to the committee's activities, including operational guidelines and meeting summaries, are available in PDF format. The public can provide feedback regarding the clarity of information on the committee’s page, with a section for contact inquiries included.

Nippon | English | News | Nov. 21, 2024 | Cyber Attacks and Data Loss

Japan is increasingly vulnerable to cyberattacks, particularly ransomware, yet organizations are slow to adopt effective cybersecurity strategies. Recent incidents underscore key vulnerabilities in Japanese firms.

In June 2024, a major publishing group suffered a ransomware attack that led to a systemwide crash and delayed disclosure of a customer data breach for nearly three weeks. This contrasts sharply with Western companies, which are required to report data breaches more promptly.

A ransomware attack in February 2024 on a regional supermarket chain paralyzed its ordering systems for over two months, highlighting a significant lack of preparedness and inadequate backup systems. This slow recovery process reveals a stark difference between Japanese firms and their more proactive overseas counterparts.

In May 2024, a digital solutions firm demonstrated some improvement by disclosing a breach within three days and providing regular updates. However, initial misstatements about the breach underscored challenges in risk assessment during crises. Overall, these cases reflect ongoing issues with decision-making speed, cybersecurity investment, expertise retention, and a culture of limited transparency.

To enhance cybersecurity, Japanese firms must rethink their organizational approach. This involves optimizing resource allocation, integrating risk management, fostering a cultural shift, and building stakeholder trust. Executives are vital in this transformation, underscoring the need for urgent proactive measures against evolving cyber threats.