Japan still lags behind the US and Europe in defending against cyber threats and the entire corporate sector needs to improve, the country’s new cyber chief said.
“Our own intention is that it will improve its capability, but it’s just the beginning,” national cyber director Yuichi Iida said in an interview with Bloomberg News on the sidelines of a cybersecurity conference in Tokyo on Tuesday.
A series of recent violations has highlighted Japan’s weaknesses. A ransomware attack was thwarted at Asahi Group Holdings Ltd., while Askul Corporation suffered a breach that disrupted its e-commerce platform. Nikkei Inc. also reported a virus infection that exposed employee and business partner information.
Read more: Japanese companies brace for more attacks as cybercrimes climb
At the CEDEF 2025 conference, IIDA said that the severity and volume of cyberattacks against Japan has increased significantly, with an Internet-connected device experiencing some form of malicious communication every 13 seconds.
He told Bloomberg shortly after his speech that small Japanese companies are the most exposed to the lack of resources, but large firms are far from immune.
“I wouldn’t be surprised if I found some holes or some mistakes by the big companies,” Iida said.
Japan’s goal is to raise the level of cybersecurity to at least the standards of modern Western countries such as the United States and European countries. Earlier this year, it adopted a “proactive cyber defense” law that would allow authorities to neutralize the source of malicious cyber activity and use information about attackers to try to prevent further activity.
Cybersecurity has been highlighted as one of the priority investment areas under Prime Minister Sani Takeuchi’s administration, and an IIDA position to coordinate the national strategy was newly formed in July.
Tokyo has stepped up cooperation with allies as state-linked hacking campaigns intensify. In September, Japan joined other countries in issuing an advisory about an alleged Chinese state-sponsored cyber espionage group known as “Salt Typhoon” that it said was targeting telecommunications companies and their customers. Ida said that while China, Russia and North Korea appeared to be the source of many of the attacks, it was often unclear who was directing them.
Read more: Australia’s spy chief has warned about investigating China’s hacker network
Despite heightened tensions between Japan and China last month following Takeichi’s remarks on Taiwan, Ida said there has been no significant change in cyberattacks originating from China.
“I’m not aware of that,” he said.
IIDA said the biggest challenge is building human resources to promote both public and private cybersecurity. There is also a need for greater awareness of simple steps to improve security, including the use of multi-factor authentication.
“Even a simple action can prevent a cyberattack – like changing a password,” he said.
Photo: Japan National Cyber Director Yuchi Iida; Photo credit: Alastair Gale/Bloomberg
Related:
Copyright 2025 Bloomberg.
Titles
Cyber
Interested Cyber?
Get automatic alerts for this topic.
