Japan’s Leading Companies Exposed To Ransomware

Uploaded on 2023-04-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial

A hacking attack on the largest Japanese IT company has affected the country’s corporate sector and cyber security experts predict that this could cause a surge in ransom attacks by organised criminal gangs on companies and their customers.

Over 10 leading Japanese companies say they have been affected by the hacking at Fujitsu, which supplies Internet infrastructure to thousands of companies.

Last December Fujitsu received information from the police that triggered an internal investigation into a cyber incident that had taken place, allowing external access to communications sent through a Fujitsu-based email system. 

Fujitsu has now admitted that it was hacked in 2022 but it refuses to disclose how many of its customers were hit.

Tokio Marine & Nichido Fire, which is one of Japan’s largest underwriters of corporate insurance against cyber attacks and a prime target for ransomware gangs, said it was affected by the Fujitsu leak. The company said it took the situation seriously and they have been contacting their corporate clients to discuss the possible impact of the breach and the potential loss of sensitive data. 

The technology giant Kyocera, clothing maker Goldwin and property developer Sekisui House have all said within the past month that they are also among the companies affected by the Fujitsu incident.

Cyber security experts said that the attack on Fujitsu was consistent with the tactics of highly professional gangs in Russia and Belarus who target Japanese companies and organisations as they often have relatively low-level defences and their willingness to pay a ransom tends to be high.

IBM Security has said in its 2022 Data Breach Report that ransomware attacks were sharply on the rise, with the global average cost to companies suffering a ransomware attack was $4.5m, not including the payment of the ransom itself.

The best way to prevent a data breach is to understand why it’s happening. “For 83% of companies, it’s not if a data breach will happen, but when...  When detecting, responding to and recovering from threats, faster is better. Organisations using AI and automation had a 74-day shorter breach lifecycle and saved an average of $3m more than those without,” says IBM’s Report

Fujitsu said it has launched an internal investigation into the incident after it first received information from the police, nearly four months ago. The company has apologised and said it was investigating and co-operating with affected clients.

It was the second significant attack on the group in as many years. In 2021, Fujitsu’s cloud service for government agencies was targeted by hackers, resulting in a data breach at the foreign ministry, the cabinet office and other ministries. Data from Fujitsu was subsequently found being sold on the Dark Web by a criminal group named Marketo.

Insurance Business:      IBM:       Bleeping Computer:       ZDNet FT:    

You Might Also Read: 

Outsourcing IT Systems & Data Management Can Be A False Economy:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Criminal Records Office Hit By A "Cyber Incident”
FBI Seizes $112m From 'CryptoRom' Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

National Accreditation Agency of Ukraine (NAAU)

National Accreditation Agency of Ukraine (NAAU)

NAAU is the national accreditation body for Ukraine. The directory of members provides details of organisations offering certification services for ISO 27001.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

Kentik

Kentik

Kentik - one platform for Network Visibility, Performance, and Security.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

Deft

Deft

Deft (formerly ServerCentral Turing Group) is a trusted provider of colocation, cloud, and disaster recovery services.

Purism

Purism

Purism works with hardware component manufactures and the free software community to build high quality hardware that respects your digital life.

Bright Pixel Capital

Bright Pixel Capital

Bright Pixel Capital is a venture capital company with a focus on Cybersecurity, Retail Technologies, Digital Infrastructure and Emerging Technologies.

RecoLabs

RecoLabs

Reco’s proprietary AI technology dynamically maps business interactions within your collaboration tools to identify sensitive assets shared and uncover incidents that are relevant to your business.

Creative Destruction Lab (CDL)

Creative Destruction Lab (CDL)

Creative Destruction Lab is a nonprofit organization that delivers an objectives-based program for massively scalable, seed-stage, science- and technology-based companies.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

Obrela Security Industries

Obrela Security Industries

Obrela Security manage cyber exposure, risks and compliance. We identify, predict and prevent cyber threats in real time. As a service, personalised, on demand.

Cydea

Cydea

Cydea are an optimistic cyber security consultancy of experts in security, data, technology and design that want to build a safer, more secure world where more things go right.

BBS Technology

BBS Technology

BBS Technology is a company that develops and delivers next-generation cyber security technologies worldwide.