Threat Management

Japan facing explosion in cyber-crime, claims report

Despite having enjoyed low rates of cyber-crime compared to other developed economies for many years, there is every sign that the honeymoon is over for the Japanese economy.

That's according to Trend Micro's “The Japanese Underground” report into the country's growing cyber-crime problem.

Akira Urano, part of the forward looking threat research (FTR) team at Trend Micro, wrote in his report that Japan suffers from a high incidence of banking malware, second only to the United States, and was the country worst hit by the Angler Exploit Kit.

The country also suffered its own OPM-style breach this year when the Japan Pension Service was attacked and lost over one million personal records which included names, ID numbers, dates and birth and home addresses.

According to the Japan Times, police received 118,100 enquiries about cyber-crime in 2014, a 39.2 percent increase over 2013.

Despite this, Urano said the cyber-crime economy in Japan is less well-developed than you'd expect given the fact that there is a high rate of technical literacy in the country and 86 percent of the population are regular internet users.

He warns that the National Police Agency (NPA) could quickly become overwhelmed as the underground cyber-crime economy races to catch up with the rest of the world.

Bharat Mistry, cyber-security consultant at Trend Micro, told that the cyber-criminal community in Japan is highly secretive and hides behind layers of encryption and obfuscation. Outside of Japan, cyber-criminals would usually expect to be able to buy the tools of their trade quite easily on English, Russian or even Chinese darknet websites, but in Japan the bulletin board systems (BBS) where most of this business is conducted are well hidden and accessible by invitation only.

The 2channel BBS – the inspiration behind 4chan – is infamous in Japan for its anonymity which makes it an ideal outlet for anti-social and criminal behaviour, Urano said.

While it's impossible to assess directly, the demographics of Japanese cyber-attackers appears to be young, male gamers, judging by their preference for being paid in Amazon gift cards and PlayStation vouchers. “If you look at the types of tools they use like Angler, it allows a novice to take the kit and mount an attack, it's no different from the scripts that were on the internet in American and Europe 10 to 15 years ago,” he said.

“I think there is going to be a step-change next year. At the moment, they are teetering on the edge, they are buying the tech on the underground from Russians and Chinese, but if you look at the talent pool, the number of graduates they have and the technology that they are known for, it's only a matter of time before a group of individuals, an organised criminal gang, pulls together some people, puts a pot of cash in the mix and says, rather than work 50-60 hours a week for this amount of money, work for us and we'll give you this much more,” Mistry said.

He said Japanese legislation – which affords the NPA great powers in the fight against cyber-crime – has so far kept the underground economy in check but he predicts it won't last.

“The only thing stopping them at the moment is the legislation which is very tight, but as the market evolves, you'll see more people entering it,” he said. “I don't think the legislation is going to change – it's one of the strictest in the world – but if they can find a country to host their attacks that is less strict, they will offshore some of this and mount their attacks from there.”

Mistry further predicted that there will be a ‘trans-globalisation' of malware, which will see ransomware and other attacks customised for local languages and cultures.  

Organised crime has been slow to embrace cyber, he said, but he is certain that groups such as the Yakuza will get involved. “We will see a shift in attacks, including the currency demanded in ransomware attacks, the number of attacks and the amounts of money involved,” he said. “From our research we have not seen any active penetration yet,” he said. “But I think we will see a step change next year.” 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.