Japan’s Leading Companies Exposed To Ransomware

Uploaded on 2023-04-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial

A hacking attack on the largest Japanese IT company has affected the country’s corporate sector and cyber security experts predict that this could cause a surge in ransom attacks by organised criminal gangs on companies and their customers.

Over 10 leading Japanese companies say they have been affected by the hacking at Fujitsu, which supplies Internet infrastructure to thousands of companies.

Last December Fujitsu received information from the police that triggered an internal investigation into a cyber incident that had taken place, allowing external access to communications sent through a Fujitsu-based email system. 

Fujitsu has now admitted that it was hacked in 2022 but it refuses to disclose how many of its customers were hit.

Tokio Marine & Nichido Fire, which is one of Japan’s largest underwriters of corporate insurance against cyber attacks and a prime target for ransomware gangs, said it was affected by the Fujitsu leak. The company said it took the situation seriously and they have been contacting their corporate clients to discuss the possible impact of the breach and the potential loss of sensitive data. 

The technology giant Kyocera, clothing maker Goldwin and property developer Sekisui House have all said within the past month that they are also among the companies affected by the Fujitsu incident.

Cyber security experts said that the attack on Fujitsu was consistent with the tactics of highly professional gangs in Russia and Belarus who target Japanese companies and organisations as they often have relatively low-level defences and their willingness to pay a ransom tends to be high.

IBM Security has said in its 2022 Data Breach Report that ransomware attacks were sharply on the rise, with the global average cost to companies suffering a ransomware attack was $4.5m, not including the payment of the ransom itself.

The best way to prevent a data breach is to understand why it’s happening. “For 83% of companies, it’s not if a data breach will happen, but when...  When detecting, responding to and recovering from threats, faster is better. Organisations using AI and automation had a 74-day shorter breach lifecycle and saved an average of $3m more than those without,” says IBM’s Report

Fujitsu said it has launched an internal investigation into the incident after it first received information from the police, nearly four months ago. The company has apologised and said it was investigating and co-operating with affected clients.

It was the second significant attack on the group in as many years. In 2021, Fujitsu’s cloud service for government agencies was targeted by hackers, resulting in a data breach at the foreign ministry, the cabinet office and other ministries. Data from Fujitsu was subsequently found being sold on the Dark Web by a criminal group named Marketo.

Insurance Business:      IBM:       Bleeping Computer:       ZDNet FT:    

You Might Also Read: 

Outsourcing IT Systems & Data Management Can Be A False Economy:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Criminal Records Office Hit By A "Cyber Incident”
FBI Seizes $112m From 'CryptoRom' Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

PhishLabs

PhishLabs

PhishLabs provides 24/7 services that help organizations protect against the cyberattacks targeting their employees, their customers and their brands.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

Quadron Cybersecurity Services

Quadron Cybersecurity Services

Quadron Cybersecurity Services is a specialist in digital security, data and system protection.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

BoldCloud

BoldCloud

BoldCloud's award winning Cybersecurity Advisory services and Layered Security approach adds new critical layers of protection for your data and your business.

Sontiq

Sontiq

Sontiq is committed to providing best-in-class, highly scalable, award-winning identity security solutions to consumers, businesses and government agencies.

Nostra

Nostra

Nostra are a next generation managed services provider with a constant focus on Security and Business Continuity.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

FourNet

FourNet

FourNet is an award-winning provider of cloud and managed services; we work closely with our clients to enable digital transformation across their organisation.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.

Computacenter

Computacenter

Computacenter is a leading independent technology partner, trusted by large corporate and public sector organisations. We help our customers to source, transform and manage their IT infrastructure.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.