Japan to bulk up cybersecurity units for nation's defense
TOKYO -- Japan's Ministry of Defense plans to increase its staff handing cybersecurity, including by hiring from the private sector, to deal with increasingly sophisticated attacks by China, Russia and others.
There were about 660 such personnel in the Self-Defense Forces as of the end of fiscal 2020. Plans call for increasing this to more than 1,000 by fiscal 2023.
Cyberattacks traditionally involved computer viruses that infiltrate networks and steal information, but hackers have become more sophisticated in recent years. U.S. and European companies were scrambling on Saturday to contain a ransomware attack that hit American information technology company Kaseya. That attack, which forced the Swedish Coop grocery store chain to close all 800 of its stores, followed a similar attack on a U.S. pipeline operator in May. The attacks have also been on the rise in Japan.
An attack on the SDF's communications network could disrupt or stop the activities of units stationed across Japan. Classified information related to national defense could also fall into the wrong hands. Such situations would have a major impact on national security.
The ministry is looking to strengthen cyber defenses in both quantity and quality.
The 660 cybersecurity personnel protecting the shared systems for the entire SDF and for the air, sea and land forces are expected to be increased to 800 by the end of the current fiscal year ending March 2022.
A unit that will oversee cyber defense for the entire SDF will launch in 2022 by consolidating units for each branch, in a move to improve efficiency.
Earlier this fiscal year, a cybersecurity course was introduced at the Ground Self-Defense Force's engineering school. This course was designed to train cybersecurity personnel by teaching the basics such as programming languages.
The defense ministry will also seek outside expertise to prepare against increasingly sophisticated attacks. This month, it hired a cybersecurity supervising adviser from Nippon Telegraph and Telephone and another from major cybersecurity firm LAC. They will work at the ministry two to three days a week while remaining employees of their respective companies.
The NTT group has more than 300,000 employees. Protecting such a large organization from cyberattacks requires each employee to be conscious of threats and for executives and managers to have relevant knowledge. The SDF, which has more than 200,000 personnel, will consider setting up a training program based on NTT's know-how in the field.
In addition to current programs in which SDF personnel go abroad to train, they will learn how to deal with cyberattacks from experts with advanced knowledge and skills.
Although their compensation has not been disclosed, the Defense Ministry earmarked 20 million yen ($180,000) in the fiscal 2021 budget for hiring the advisers.
Japan is also stepping up cooperation with its main ally, the U.S. The Maritime SDF conducted cyberattack drills on board the Izumo helicopter carrier with the U.S. military last month.
"The U.S. Navy is ahead of us," said Hiroshi Yamamura, the chief of staff of the MSDF. "We were able to share how we do things and the thinking behind it, and that was significant."
Warships sail while constantly connected to a network, so any vulnerabilities in communications at sea increase the risk of a virus infection. A virus can also enter the system via a flash drive used in the maintenance of a vessel, impacting the ship's navigation system, for example.
Japan's cyber capabilities were assessed as "Tier Three," the lowest in a three-grade scale, by British think tank International Institute for Strategic Studies in a report released last month. The report pointed out weakness in the area of national security.
China and Russia are increasingly focusing on combining physical attacks by air, sea and land forces with cyber and electromagnetic pulse attacks. China is said to have 30,000 personnel in its cyberattack units. This has raised the urgency of the SDF's efforts to add more personnel and strengthen the capabilities of its cyber units and work with the U.S.