The Journal The Authority on Global Business in Japan

Japanese companies are waking up to the risks posed by Tokyo hosting the Olympics this summer and are taking measures to mitigate any cyberattacks that might come their way as the world’s eyes focus on the country for two weeks beginning July 24.

They do not have to go too far back in time to find an example of an Olympic host coming under attack. In 2018, malware almost delayed the opening ceremony of the Pyeongchang Winter Olympics, in South Korea, according to reports. The cyberattack targeted the organizing committee and partner companies, seizing servers and about 300 computers.

With Russia being hit with a four-year Olympic ban—and Japan’s relations with some countries growing tense—2020 “has turned out to be really bad timing for Japan,” said Yukimi Sohta, a representative of Cybereason, a cybersecurity service provider based in Boston, Massachusetts.

As global tensions rise, so does the potential for cyberattacks.

Already, underground cybercrime campaigns and communities in China are being uncovered as they chatter using terms such as “20” and “Tokyo,” Sohta said.

Dawning technologies such as the Internet of Things and trends like working from home are creating additional headaches for Japan and the Olympics.

Threats last April moved the Japanese government to set up a cybersecurity response center to help companies, the Tokyo Metropolitan Government, and the Olympic Organizing Committee share information and take action should the need arise. It has also carried out a comprehensive study of electricity suppliers, railways, and other crucial sectors.

But companies themselves must take precautions.

Companies involved with critical infrastructure have been adopting stronger security measures in recent years. Tokyo Electric Power Company set up a cybersecurity center in 2018. And in December, Hitachi, Ltd. set up a facility where its employees can train and conduct cybersecurity research. Hitachi produces equipment for a lot of the country’s infrastructure and operates some of that infrastructure itself.

During the Tokyo 2020 Olympic and Paralympic Games, Tokyo Gas Co., Ltd. will partner with Israel Electric Corporation, which has experience dealing with attacks.

Companies declined to comment on specific anti-cyberattack measures for fear of clueing in hackers. But official Olympic sponsor Asics Corporation said its employees are training under the National Institute of Information and Communications Technology. Sumitomo Mitsui Banking Corporation said it is “undertaking simulations and evaluating its business continuity plan, with several types of cyberattacks in mind.”

According to a report published in 2018 by the Washington, DC-based Center for Strategic and International Studies and McAfee, LLC, an anti-virus software provider, cybercrimes sap the global economy of about $600 billion a year, up from $445 billion in 2014.

Experts say it is now almost impossible to fully prevent malware attacks, and Japanese companies have only begun to wake up to this reality. Kenji Uesugi, senior fellow at the Japan Cybersecurity Innovation Committee (JCIC), an independent and not-for-profit think tank, suggests companies focus on mitigating the impact of attacks rather than on preventing them.

“Japanese companies just started becoming aware [of the importance of cybersecurity],” said Norihiko Ishihara of Cybergym Control Ltd., which provides corporate training sessions on defending critical systems.

Ishihara said Japanese companies lag their US counterparts, who have more to spend on cyber defenses, when it comes to mitigating the impact of attacks.

He also said most Japanese engineers are not battle tested—especially compared with their counterparts in countries such as Israel.

Some companies are trying to catch up, however. Cybergym provides training to about 80 companies in Japan, with each paying up to ¥500,000 per employee. Cybergym says its Tokyo sessions are almost full and that it is planning to open another training center in the city this year.

Tokio Marine & Nichido Fire Insurance Co., Ltd. said the number of its cybersecurity insurance policyholders increased 30 percent during the period from April through November compared with the previous year. However, “understanding of risks among small and medium-sized enterprises is relatively low,” a company representative said.

In a survey by US cybersecurity company FireEye, Inc., 14 percent of responding managers and executives in Japan said they are not prepared for a cyberattack. It was the highest rate among the eight surveyed countries, which include China, South Korea, Germany, and France.

According to the JCIC, which looked at the stock prices of Japanese companies that reported cyber incidents, the value of shares dropped by an average of 10 percent after news of the attacks broke.

There is no such thing as enough preparation, the JCIC’s Uesugi emphasized. “Attacks are evolving,” he said, and “it is impossible to tell how best to deal with them in half a year.” 

A group of Chinese hackers has struck businesses across Japan and South Korea, employing techniques designed to evade conventional cybersecurity defenses.

The latest attack was reported on January 20 by Japan’s Mitsubishi Electric Corporation. Cyberthieves may have gained access to more than 8,000 pieces of personal information, the company said, but reported that—at the time—they believed no highly sensitive information had been compromised.

The Chinese hacker army known as Tick is suspected of involvement in the attack, said a source close to the investigation. The group previously has targeted tech companies in South Korea.

Tick’s favored method of operation begins with stealing email accounts belonging to private market research companies. The hackers then send emails to Chinese subsidiaries of target corporations in the guise of the research firms.

The emails contain malware that can be controlled remotely by Tick. Using the subsidiary’s computer system as a steppingstone, the hackers can gain access to the parent company’s networks and steal sensitive information.

Tick has grown increasingly active since roughly November 2018, when the group accelerated its development of malware, Tokyo cybersecurity company Trend Micro Inc. said. The hackers continuously modify malware and other tools to slip past cybersecurity software and device scans.

The infiltrators also have become adept at covering their tracks. It can take years before a company discovers the breach. Some in the Japanese government fear that hackers have compromised businesses other than Mitsubishi Electric.

But Tick is not the only hacker collective. In December 2018, the United States and Japan issued statements condemning a team called APT10.

Japan has urged domestic companies to bolster cyber defenses, and the Ministry of Defense is rolling out tougher security standards for contractors. The level of compliance will be similar to what is required by the US Department of Defense.
