Online Security: Japanese government plans cyber attack institute
The government of Japan will create an institute to train employees to counter cyber attacks. The institute, which will be operational early next year, will focus on preventing cyber attacks on electrical systems and other infrastructure.
The training institute, which will operate as part of Japan’s Information Technology Promotion Agency (IPA), is the first center for training in Japan to focus on preventing cyber attacks. A government source said that the primary aims will be preventing a large-scale blackout during the Tokyo Olympics and Paralympics in 2020, and stopping leaks of sensitive power plant designs.
The source also stated that there is potential for a joint exercise in cyber awareness between the Japanese group and foreign cybersecurity engineers in the future.
The counter cyber attack training institute will take 100 employees of electrical power and related firms and train them for a full year in Tokyo, using former hackers and cyber security experts as instructors. Funds will be allocated through an extra budget that is currently being compiled.
Cyber security is a growing concern in Japan, where over 12 billion cyber attacks were reported in 2014 by the National Institute of Information Technology. The Japanese national police force reported that instances of cyber crime investigated by the police rose 40% from 2014-2015. In February of this year, a study at Cylance SPEAR identified a hacking group that was targeting Japanese infrastructure. While the group was involved mainly in spying activities and had yet to launch a disruptive or destructive attack, the report warned that the activity was likely to escalate.
The need for a comprehensive cybersecurity training program focused on electrical infrastructure was highlighted after the December 2015 power outage in Ukraine, which left 230,000 citizens without power or heat. That attack, the first time a confirmed hack brought down a power grid, demonstrated the vulnerability of electrical stations to a malicious cyber attack. While employees were able to bring the systems back online in a few hours, the power station control centers were reportedly not fully operational for months after the attack.
In June of 2015, Japan’s pension agency was illegally accessed, and the personal data of over 1 million users was leaked. Then, in January of this year, Japan’s Hokkaido University suffered a breach that resulted in the leak of personal data for 110,000 of its students. An unsecured server in the career placement office was believed to be the source of the hack.