A cyber attack by suspected Russian hackers disrupted at least 20 Japanese government websites across four ministries, including the eLTAX and e-Gov portals.
Chief Cabinet Secretary Hirokazu Matsuno said the pro-Russia group Killnet had claimed responsibility for the attack on the government websites.
“We are aware that the (Killnet) hacker group suggested it was behind the attacks, but at the moment, we are still investigating the cause of the failures, including the group’s involvement,” Matsuno said.
Meanwhile, a Killnet claim appeared on social media stating that the group was resisting the Japanese government’s militarism and was kicking the Samurai.
Russian hackers deploy DDoS attacks against “enemy'” government websites
The pro-Russia hacktivist group uses distributed denial of service (DDoS) attacks to paralyze the government websites of countries hostile toward the Kremlin.
DDoS attacks involve bombarding a target website or network with a barrage of automated requests breaking its capacity, thus preventing legitimate users from accessing the website.
The Russian hackers have executed DDoS attacks against multiple government websites for countries that supported Ukraine during the ongoing conflict.
In August 2022, the same group of Russian hackers attacked over 200 Estonian government websites after the country removed a Soviet T-34 tank from public display to a museum.
In May, the Italian Computer Security Incident Response Team (CSIRT) blocked a cyber attack on the Eurovision Song Contest voting system. The cyber attack was intended to prevent Ukraine from winning the competition after organizers banned Russia for the first time since 1994. Following the attack, CSIRT warned about potential attacks on Italian businesses by unnamed Russian hackers, likely the Killnet group.
Since January, the group has claimed several attacks on Japanese soil, including a cyber attack on a Japanese credit card company and a social media services operator, Mixi.
Russian hackers did not compromise personal information during the cyber attack
The government’s e-Gov website became inaccessible on Tuesday, Sept. 7, at 4:30 pm but was restored by the end of the day. The website allows citizens to apply for various government services, view legislation, and give feedback on various issues.
According to officials from the digital agency, the cyber attack did not compromise personal information stored on the impacted websites.
Cyber attack in response to broader conflict
Apart from Japan’s support for Ukraine in the ongoing conflict, the two countries are at loggerheads over the disputed Kuril islands off the Pacific Ocean.
Japan had opposed recent Russian military drills on the contested territory. Subsequently, Moscow responded by scrapping visa-free entry for Japanese citizens to the floating land masses annexed by the Soviet Union at the end of World War II.
Additionally, Japan was also critical of the Russian invasion and participated in sanctioning Moscow and helping Ukraine.
Thus, the latest cyber attack could also signal that Russian hackers were actively targeting Japan in an ongoing wider geo-political war between western powers, their allies, and Russia.
“This attack on Japan comes after a recent Killnet wide-scale attack on sites in Italy, Lithuania, Estonia, Poland and Norway, and more planned attacks can be expected in the future,” said Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software.
“Our recent Mid-Year Security report revealed that besides a 42% global increase in cyberattacks, there was also a huge increase in state-sponsored and state-mobilized hacking groups, which have gained momentum since the start of the Russia-Ukraine war.”
According to Nadir Izrael, Co-Founder and CTO at Armis, cyber warfare were at its peak with such attacks intended to aggravate the average citizens forcing them to ask “why sanctions exist or why one nation state is interfering with conflicts of another.”
“There’s been an acute change in boldness we’re seeing: cyberwarfare used to be hidden in cloaks and daggers, happening under the radar strictly for the purpose of intelligence gathering,” Izrael said.
“Today, this offensive route is out in the open – arguably flaunted by threat actors and nation states intended to cause disruption or damage.”
Izrael noted that the cyberwar landscape had monumentally evolved in the last five years. However, the average citizen was unaccustomed to cyber warfare being a legitimate tool deployed by adversaries, putting everyone on the front lines. Such attacks usually target government websites that most people require for critical services to create frustration and threaten the social order.
“Even if the disruption itself doesn’t seem major, a cyberattack on the government can create an underlying fear of chaos amongst citizens,” he warned. “Every country and organization should think very carefully about its cybersecurity posture.”