More Japanese firms fell victim to ransomware attacks in 2021, rise accelerating: police

Central Government Building No. 2, which houses the National Police Agency, the National Public Safety Commission and other organizations, is seen in Kasumigaseki, Tokyo, in this 2019 file photo. (Mainichi/Kazuo Motohashi)


TOKYO — Between January and June 2021, police across Japan received 61 consultation requests from victims of computer-virus related ransomware attacks, nearly three times the 21 requests made between July and December 2020, it was revealed in National Police Agency (NPA) reports.


In ransomware attacks, internal company data and other information is encrypted by the attackers, and monetary payment is sought for the data to be restored. Of 61 consultations, 57 were from companies, with the remaining four from incorporated educational institutions and other bodies.


When breaking down the companies by business types, manufacturing firms were the most affected, with 27 consultations. Building and service firms also accounted for eight each, followed by wholesalers and retailers involved in seven consultations. Looking at cases based on the sizes of the affected companies, 40 consultations were from medium- to small-sized businesses, far outstripping the 17 from large companies.


Additionally, demands for payment were made from the start in 29 of the 61 cases. Criminal groups asked for the funds in cryptocurrency format in 26 cases, and in U.S. dollars in three. Twenty-four of the cryptocurrency demands were for Bitcoin, another two were for Monero. The NPA did not divulge whether the criminal groups were paid.


If companies don’t pay the demanded sums, a second level of blackmail has emerged in recent years where the criminal groups threaten to release the stolen data onto sites for exposing information. Police confirmed this second-level blackmail in 27 of the 61 cases.


Behind the increased numbers of companies affected by hacking appears to be the proliferation of attack methods online. Illegal websites are used to buy and sell viruses, and recruit people to develop illegal programs and help in entering companies’ networks. There are also reportedly many cases where the roles for cyberattacks are divided up.


(Japanese original by Naritake Machida, Tokyo City News Department)