Japan's political parties vow to ramp up cybersecurity policies as threats rise

TOKYO — The platforms of most Japanese political parties for the House of Representatives election on Sunday have underscored the significance of enhancing the nation's cybersecurity capabilities amid increasing threats from abroad.

One of the focal points is whether the next government will try to pass a bill to introduce "active cyber defense," a concept in which when signs of cyberattacks are detected, preemptive steps such as disrupting enemy servers with computer viruses are executed if necessary.

With the skills of cyber hackers becoming more sophisticated, Japan is showing greater vulnerability, and this could lead to a large-scale national security or information breach, extortion or disruption to important infrastructure.

Japan has lagged behind other developed economies in the cyber realm as limited public-private cooperation and constitutional constraints have hindered knowledge accumulation on offensive capabilities and government collection of signal intelligence.

Earlier this month, after assuming the position of prime minister, Shigeru Ishiba said in his first policy speech in parliament that he would "accelerate discussions on introducing active cyber defense to strengthen the country's cybersecurity."

His remarks were reflected in his ruling party's election platform, released on Oct. 10, which emphasizes the need for active cyber defense to raise Japan's cybersecurity capabilities to at least the level of the United States and major European nations.

Debate on the matter is likely to speed up in Japan. The government, led by the Liberal Democratic Party, may attempt to pass the bill by the end of this year to implement active cyber defense, as both ruling and opposition parties are pushing for the law.

Other parties, including the LDP's junior coalition partner, the Komeito party, and the Democratic Party for the People, one of the opposition parties, have also stressed the necessity of acquiring active cyber defense capabilities for Japan's economic security.

While the main opposition party, the Constitutional Democratic Party of Japan, and the Japan Innovation Party have not directly referred to such actions, both have argued that the country needs to take steps to defend its cyber domain.

Japan's government updated its National Security Strategy in late 2022. Former Prime Minister Fumio Kishida pledged to introduce active cyber defense to shield "national security infrastructure" in advance and to submit the related bill earlier this year.

The Kishida administration, however, postponed the submission of the bill to parliament, with concerns mounting even among ruling lawmakers that such a move could violate the nation's constitutional guarantee of communication secrecy.

In August, a government panel of experts issued an interim report saying that monitoring foreign communications is particularly crucial but that collecting personal information from emails and other systems during surveillance activities would be inappropriate.

Yukimi Sohta, chief cybersecurity evangelist at Proofpoint Japan, said the problem could be resolved if the government observes, for example, private metadata that describe electronic or digital records, such as when and where they were sent, rather than their contents.

The bill is seen as indispensable for addressing the growing number of cyberattacks from countries such as China, Russia, and North Korea, which have supported hacking organizations that work in the national interest both officially and behind the scenes.

A recent trend shows a surge in ransomware attacks, in which an attacker holds a user's system or data hostage by encrypting the contents and demands money in exchange for a decryption key, said Mihoko Matsubara, chief cybersecurity strategist at NTT Corp.

According to Japan's National Police Agency, ransomware attacks remain high, with 114 reported incidents in the first half of this year, up from 94 in the latter half of 2023. Stolen data from these attacks have been published on the dark web, it said.

Russia has notably intensified its cyberattacks since its invasion of Ukraine in February 2022 in retaliation against nations that have imposed economic sanctions on Moscow, while China has upgraded the People's Liberation Army's cyber force, Sohta said.

One illustrative example is a Russia-linked hacking group called BlackSuit, which conducted a severe ransomware attack on servers at the data center of Japanese publishing house Kadokawa Corp., forcing its video streaming website niconico to suspend operations in 2024.

Sohta said she recognized that Conti, the predecessor of BlackSuit, had ties to Russia's Federal Security Service, after she analyzed files and data that a former member of the predecessor organization intentionally leaked online.

Matsubara warned that cyberattacks by such groups would "hamper supply chains" in Japan, citing an incident in 2023 at the Port of Nagoya, where a ransomware attack prevented vessels at the shipping hub for Toyota Motor Corp. from loading or unloading containers.

The Japan Aerospace Exploration Agency has also been hit by multiple cyberattacks since 2023. JAXA's system, which the institution said this July did not contain "sensitive information" on space operations, was apparently breached by Chinese-affiliated hackers.

Matsubara said, "It is becoming more challenging to protect our way of life and the critical infrastructure that supports both our daily activities and national security from disruptive cyberattacks in the digital era. That is why I believe active cyber defense aims to minimize damage to national security by cyberattacks."

© KYODO