close
close

Cyber ​​defense: Set up a system to quickly detect and mitigate attacks

Cyber ​​defense: Set up a system to quickly detect and mitigate attacks

Numerous cyberattacks on government organizations and critical infrastructure occurred one after another. To prevent major damage, it is important to quickly recognize signs of attack.

The government’s expert panel examining the introduction of an “active cyber defense system” to prevent serious cyber attacks has drawn up its proposal.

The panel emphasized that the government should monitor cyberspace on a daily basis and that if it detects signs of an attack, it should be able to penetrate the other party’s system and neutralize it.

The panel also called on the government to require “core infrastructure providers” in 15 industries, including electricity, telecommunications and finance, to immediately report attacks to the government.

It must be said that Japan’s defense capabilities in cyberspace are weak. The Japan Aerospace Exploration Agency (JAXA) has been the target of multiple cyberattacks since last year and personal information of its employees has been compromised. Last year, the system at Nagoya Port stopped working due to a cyberattack.

Until now, Japan has only combated cyber attacks as an afterthought, based on the principle of a purely defensive security policy. However, given the increasing threat, it is necessary to recognize signs of an attack early and take preventative measures.

To achieve this, the government must collect communications information from service providers. However, it is currently not possible for service providers to provide information on the basis of the “secrecy of all means of communication” enshrined in the constitution.

In this regard, the expert panel specifically stated in its proposal that “the secrecy of communications is subject to necessary and proportionate restrictions for the public good.” To address privacy concerns, the panel also proposed the creation of a third-party organization to oversee the operation of the entire system.

It is the government’s responsibility to eliminate threats in cyberspace. In order to gain a comprehensive understanding of the specific actions related to this responsibility, the proposed third-party organization must have a high degree of independence.

In addition to system design, the actual operation of the system is also important, but concerns remain about coordination within the government.

The proposal states that police should be “first” responsible for defense and that the “Self-Defense Forces should intervene when necessary.”

In recent years, police departments, which have increased their preparations for cybercrime and infrastructure attacks, appear to be trying to take control of the entire cyber response. This must not end in a turf war.

In the early stages of a cyberattack, it is unclear whether it is a domestic crime or a potential military threat. Sharing information with allies and friendly nations is essential.

The entire government, including not only the Department of Defense but also the Department of State and Justice, should build a threat management system.

(From The Yomiuri Shimbun, November 30, 2024)