Japanese Businesses Endure Widespread DDoS Attacks

During the recent holiday season, major Japanese corporations, including the national airline and significant banking institutions, were subjected to a series of distributed denial-of-service (DDoS) attacks. These coordinated operations severely disrupted online services across multiple sectors, particularly logistics, government, and finance.

The attacks impacted NTT Docomo, Japan’s largest wireless carrier, whose services like the “goo” portal, ecommerce platform Dpay, and various streaming services were knocked offline for over eleven hours starting early Thursday morning. With approximately 90 million subscribers, this disruption prompted significant operational challenges.

In a related incident, Resona Bank reported that its My Gate application faced interruptions due to a DDoS attack. While the outage was brief, it did not lead to any data breaches, as confirmed by the bank’s parent company, Resona Holdings. The incident also affected several affiliated banks under its umbrella, including Minato Bank and Kansai Mirai Bank.

Mizuho Bank, the third-largest financial institution in Japan, fell victim to similar DDoS activity, experiencing three hours of online service disruptions. This incident followed reports that Mitsubishi UFJ Financial Group—Japan’s largest bank—also faced technological difficulties due to separate DDoS attempts that occurred just after Christmas.

Japan Airlines struggled with what appeared to be a DDoS attack during the holiday period, resulting in disruption of ticketing operations and delays for numerous domestic flights. Fortunately, the airline managed to contain the incident swiftly, avoiding significant fallout.

The rise in DDoS incidents aimed at high-profile Japanese firms coincides with a notorious increase in assaults linked to Russian-themed hacktivist groups. Following Japan’s joint military exercises with the United States near Russia’s eastern coastline, several DDoS disturbances were initiated against political entities and major corporations. Threat actors regularly employ techniques consistent with the MITRE ATT&CK framework, including the use of DDoS services that are often inexpensive and easily accessible, thus magnifying their risk.

Recent cybersecurity assessments by Netscout indicate that DDoS attacks on Japanese targets are significant in volume, with nearly 2,000 such incidents observed daily. These attacks often exploit underlying vulnerabilities in logistics and governmental infrastructures and have increasingly targeted critical manufacturing sites. The concerted efforts by Japan’s National Police Agency to combat this trend include joint investigations with Europol, which recently led to the dismantling of 27 DDoS-for-hire services across Germany, the Netherlands, and Canada.

In conclusion, the notable surge in DDoS attacks on Japanese businesses highlights the urgent need for robust cybersecurity measures. As cybercriminals become more sophisticated in their approach, organizations must remain vigilant and invest in advanced protections to safeguard their digital assets.