Japanese government critical systems lack security controls amid rising cyberattacks
Summary
Hide ▲
Show ▼
Japan's Board of Audit identified 58 critical government systems lacking appropriate security controls. This comes as Japan faces increased cyberattacks, with at least 447 incidents reported in 2024. Nation-state actors and cybercriminals target government systems for cyber-espionage and cyber-physical attacks on critical infrastructure. The extended MirrorFace campaign has likely resulted in critical data loss. Japan is also facing threats from Chinese and North Korean APT groups, including the Lazarus Group. The country is ramping up its offensive capabilities with the Active Cyber Defense Law, but significant gaps remain in its defensive posture.
Timeline
-
24.09.2025 03:00 1 articles · 6d ago
Board of Audit identifies 58 critical systems lacking security controls in Japan
Japan's Board of Audit reported that 58 critical systems at a dozen government agencies lack appropriate security controls and management. This finding comes amid a surge in cyberattacks, with 447 incidents reported in 2024. The MirrorFace campaign and other threats from nation-state actors continue to target critical infrastructure.
Show sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
Information Snippets
-
Japan's Board of Audit identified 58 critical systems at a dozen government agencies lacking appropriate security controls and management.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
Japan reported 447 cybersecurity incidents in 2024, more than double the previous year.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
The MirrorFace campaign has targeted critical data in Japan, likely resulting in data loss.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
Chinese and North Korean APT groups, including the Lazarus Group, have targeted Japan.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
Japan passed the Active Cyber Defense Law in May 2024, allowing law enforcement to respond with active measures against foreign attacks.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
The Board of Audit found that 259 of 356 critical systems lacked business continuity plans.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
A vulnerability in PHP CGI implementation on Microsoft Windows systems was exploited to install Cobalt Strike reverse proxies.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
The Active Cyber Defense Law requires critical infrastructure operators to report cybersecurity incidents to the government.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00
-
Japan's telecom giant NTT Communications suffered a breach in March 2024, compromising data on 18,000 companies and an unknown number of individuals.
First reported: 24.09.2025 03:001 source, 1 articleShow sources
- As Incidents Rise, Japanese Government's Cybersecurity Falls Short — www.darkreading.com — 24.09.2025 03:00