Japan’s Leading Companies Exposed To Ransomware

Uploaded on 2023-04-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial

A hacking attack on the largest Japanese IT company has affected the country’s corporate sector and cyber security experts predict that this could cause a surge in ransom attacks by organised criminal gangs on companies and their customers.

Over 10 leading Japanese companies say they have been affected by the hacking at Fujitsu, which supplies Internet infrastructure to thousands of companies.

Last December Fujitsu received information from the police that triggered an internal investigation into a cyber incident that had taken place, allowing external access to communications sent through a Fujitsu-based email system. 

Fujitsu has now admitted that it was hacked in 2022 but it refuses to disclose how many of its customers were hit.

Tokio Marine & Nichido Fire, which is one of Japan’s largest underwriters of corporate insurance against cyber attacks and a prime target for ransomware gangs, said it was affected by the Fujitsu leak. The company said it took the situation seriously and they have been contacting their corporate clients to discuss the possible impact of the breach and the potential loss of sensitive data. 

The technology giant Kyocera, clothing maker Goldwin and property developer Sekisui House have all said within the past month that they are also among the companies affected by the Fujitsu incident.

Cyber security experts said that the attack on Fujitsu was consistent with the tactics of highly professional gangs in Russia and Belarus who target Japanese companies and organisations as they often have relatively low-level defences and their willingness to pay a ransom tends to be high.

IBM Security has said in its 2022 Data Breach Report that ransomware attacks were sharply on the rise, with the global average cost to companies suffering a ransomware attack was $4.5m, not including the payment of the ransom itself.

The best way to prevent a data breach is to understand why it’s happening. “For 83% of companies, it’s not if a data breach will happen, but when...  When detecting, responding to and recovering from threats, faster is better. Organisations using AI and automation had a 74-day shorter breach lifecycle and saved an average of $3m more than those without,” says IBM’s Report

Fujitsu said it has launched an internal investigation into the incident after it first received information from the police, nearly four months ago. The company has apologised and said it was investigating and co-operating with affected clients.

It was the second significant attack on the group in as many years. In 2021, Fujitsu’s cloud service for government agencies was targeted by hackers, resulting in a data breach at the foreign ministry, the cabinet office and other ministries. Data from Fujitsu was subsequently found being sold on the Dark Web by a criminal group named Marketo.

Insurance Business:      IBM:       Bleeping Computer:       ZDNet FT:    

You Might Also Read: 

Outsourcing IT Systems & Data Management Can Be A False Economy:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Criminal Records Office Hit By A "Cyber Incident”
FBI Seizes $112m From 'CryptoRom' Criminals »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Australian Signals Directorate (ASD)

Australian Signals Directorate (ASD)

The Australian Signals Directorate is an intelligence agency in the Australian Government Department of Defence.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Protenus

Protenus

Protenus provide a solution to proactively monitor and protect patient privacy in the electronic health record (EHR).

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

Rhino Security Labs

Rhino Security Labs

Rhino Security Labs is a top penetration testing and security assessment firm, with a focus on cloud pentesting, network pentesting, web application pentesting, and phishing.

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

11:11 Systems

11:11 Systems

11:11 Systems synchronizes every aspect of network services for your business. Build your network with the industry’s most trusted expert skills.

SecurityGen

SecurityGen

SecurityGen is a global cybersecurity start-up focused on telecom security, with a focus on 5G networks.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.

Parried

Parried

Parried is a leading Managed IT Services and Cybersecurity provider, known for blending deep technical knowledge with business strategy.