TOKYO, Oct 16 (News On Japan) - The escalating wave of cyberattacks targeting Japanese companies is forcing a shift in corporate security strategies, with experts warning that preventing intrusions entirely is no longer realistic and that minimizing damage after a breach has become the new priority.
Asahi Group Holdings was hit by a ransomware attack in late September that temporarily halted production at its plants and continues to disrupt operations at 18 sites, forcing staff to rely on manual work. A group calling itself “Kiri” claimed responsibility on October 7th, boasting of stealing around 9,300 pieces of data, including what appear to be employee personal details and internal company files.
Similar incidents have surged in Japan, with Kadokawa reporting a 2.4 billion yen special loss after its book distribution system was paralyzed by an attack in June last year, and Casio suffering delays in announcements and product launches following a breach in October. According to Nikkei senior editor Tatsuya Sudo, the rise reflects a broader global trend: ransomware attacks are increasing worldwide, and Japan is no exception. In the past, language barriers deterred attackers from targeting Japanese firms, but advances in phishing and translation tools have largely removed that obstacle, making Japanese networks easier to penetrate.
The rapid digitization of corporate operations is also increasing vulnerabilities. As more companies adopt cloud-based services, their once-isolated internal systems are now connected to the internet, expanding the potential attack surface. VPN devices that link internal networks to the outside are frequently exploited, often through vulnerabilities unknown even to their manufacturers. The situation is further exacerbated by outdated software: Windows 10 support ended on October 14th, yet nearly 12 million PCs in Japan — about 20% of all devices — still run the OS, with roughly 5 million used by businesses. Unsupported systems and forgotten networked devices present easy entry points for attackers.
Experts stress that the first step for companies is to inventory all connected devices and understand what is operating within their networks. Many breaches occur because abandoned or unmonitored equipment remains online and exploitable. Beyond that, organizations should view cyberattacks as a form of disaster, not merely system failure. “It’s no longer possible to prevent every intrusion,” Sudo said. “The priority must be on limiting damage and ensuring operations can continue even if systems go down.”
This shift requires developing comprehensive business continuity plans (BCPs), including strategies to maintain essential functions without relying on compromised IT infrastructure. Companies should train employees in emergency protocols and ensure that critical processes can operate offline if necessary. As the threat landscape evolves, firms that focus solely on defense risk being overwhelmed — but those that plan for the worst can weather attacks with far less disruption.
Source: テレ東BIZ
