By blog Mar 11 2022
According to the results of a Ministry of Internal Affairs and Communications survey published in October 2020, the adoption rate of remote work among prefectures (47 organizations) and government-designated cities (20 organizations) increased to 95.5%. However, in municipalities (1,721 organizations), which account for the majority, the rate appears to be only 19.9%.
In addition, the Ministry of Internal Affairs and Communications indicates that the most common reason for not implementing remote work systems was that "consultation and counter services do not fit in with remote work" (82.7%), followed by "concerns regarding information security.”
While there is reluctance on the part of many local governments due to security concerns, it is a fact that not only companies but also governments are becoming targets of cyber attacks.
In order to protect information from increasing cyber attacks, in 2015, the Ministry of Internal Affairs and Communications published the following “three-tier measures” regarding information security for local governments.
1. Disable data export settings and two-factor authentication
2. Access control
3. Robust countermeasures against external attacks
However, as cyber attacks are becoming more sophisticated, it is necessary for local governments to further strengthen their countermeasures.
Below are three examples of virus attacks targeting municipalities:
This 2015 incident, which triggered the above-mentioned “three-tier measures” by the Ministry of Internal Affairs and Communications, was unauthorized external access of the Japan Pensions Service system that resulted in the leak of approximately 1.25 million pieces of personal information. The cause is believed to have been a staff member who opened an infected file attached to an email.
Starting on February 16, 2022, the cloud service used by Hiroshima Prefecture and 23 municipalities in the prefecture was hit with a distributed denial-of-service (DDoS) attack over two days. This cyber attack technique disrupts the normal functioning of a website or server by sending an overwhelmingly large amount of Internet data. As a result, the websites of the affected organizations experienced poor connectivity. However, the demands and objectives of the attackers were not determined.
On February 5, 2022, an Aichi Prefecture employee launched the prefecture’s PCR inspection system. Instead of the Japanese text that usually appeared, there was a message in English on the screen, and the employee discovered that the system was unusable. A subsequent investigation revealed that the server managing the system’s data had been attacked by ransomware. No personal information was leaked as a result of the attack, but the server was forced to shut down temporarily.
On February 23, 2022, the Ministry of Economy, Trade, and Industry (METI) issued a statement titled "Reminder to Strengthen Cyber Security Measures in Light of Recent Developments.” In the statement, METI listed security measures that companies and organizations should take, as well as expanding their awareness of cyber attack threats due to the increased potential risks. The following is an examination of some of these measures.
Obviously, passwords must be used when accessing Internet services; however, the same passwords should not be used repeatedly. Also, whenever possible, passwords should be at least 12 characters in length and should consist of a mixture of symbols, numbers, and upper and lower case alphabetic characters.
Multi-factor authentication refers to an authentication system that combines two or more of the three authentication factors: “Something You Know,” Something You Have,” and “Something You Are.” Recently, passwords alone are no longer considered to be sufficient security, and multi-factor authentication is beginning to be adopted by many cloud services.
One example of multi-factor authentication in use is when withdrawing cash from an ATM: the combination of the physical card as “Something You Have” and the password as “Something You Know.” For websites, "one-factor authentication" using only passwords has been the mainstream for many years. However, in September 2018, Microsoft declared the "end of the password era," and since then, multi-factor authentication has been adopted by many cloud services. Currently, the most widely used multi-factor authentication method is logging in with an ID and password (Something You Know) and entering an authentication code generated by a smartphone app (Something You Have).
Today, the “Internet of Things” (IoT) is everywhere, in homes and workplaces, including home appliances, automobiles, office multifunction devices, factory sensors, and surveillance cameras. Of course, government agencies are no exception.
It is important to understand that as long as IoT devices are connected to the Internet, they present the same security risks as computers and smartphones. In fact, IoT devices are already the target of malware and other cyber attacks that affect data or functionality. As far as municipalities in Japan are concerned, there have been cases of unauthorized access to surveillance cameras in rivers and other areas in 2018.
Because these vulnerabilities in devices that control the connection to the Internet are often exploited in attacks, it is important to promptly install the latest firmware, updates, and other security patches.
Since its discovery in 2014, the Emotet malware continues to be a problem around the world and is reported to have resumed its attacks in November 2021, after a sharp decline in infections in Japan since April 2021. According to the Japanese Information-technology Promotion Agency (IPA), as of February 2022, the number of incidents is still increasing and continued caution is required.
The modus operandi of Emotet's attackers is simple and consistent. They trick victims into opening email attachments or clicking on URL links to infect their devices and steal email information. Not only that, if initially successful, the infection can spread throughout the system to infect other terminals, other companies, and other organizations.
Therefore, even if an email appears to be valid, perhaps from an important customer, business partner, or acquaintance, it is important to make a habit of carefully checking whether or not it is genuine before opening the attachment or URL link.
We also recommend "Tsukaeru Mail Buster" by Tsukaeru.net as another solution. This excellent service blocks junk and targeted attack emails before they reach the email server. As it is a completely cloud-based email security service, there is no need for installation on individual computers and no need to update to the latest version.
One of the most common cyber attack threats that both government and private companies face is ransomware. According to the METI, the average ransom paid by companies affected by ransomware in Japan is approximately 114 million JPY (1.0 million USD).
One essential countermeasure is to store backup data in offline storage. In this way, in the unlikely event of a ransomware infection, the backup data can be restored after the storage is completely initialized and the ransomware is erased.
In addition to prefectures and government-designated cities, remote work is expected to be embraced by local municipalities in the future. Not only will employee awareness of cyber attack threats need to be increased, but the on-site systems will also need to be modified appropriately.
One popular solution for this situation is Tsukaeru Cloud Backup provided by Tsukaeru.net. This cloud-based service combines not only backup functions, but also protects and allows data usage in one single and convenient package.
Service stability is especially important for government agencies. In this regard, Tsukaeru Cloud Backup employs an "image backup" method that creates a copy of the entire system at once, allowing normal operations to quickly resume even in the event of data loss.
The service also uses the highest level of security, the same as the U.S. military, protecting all file transfers with AES-256 encryption. In addition, Active Protection, an AI-based technology, immediately detects and intercepts suspicious modifications to files, backup data, and backup software to protect valuable data from ransomware attacks.
The affordable price of 1,408 JPY per month (two-year contract), including 200 GB capacity, one computer, and three mobile devices enables low-cost introduction.
Please feel free to contact us below to find out about a free 30-day trial!
Click here to learn more about Tsukaeru Cloud Backup.
Call toll-free: 0120-961-166
Office hours: 10:00-17:00