Telework rush leaves Japanese companies at risk of cyberattack

TOKYO — A hurried shift to telework is leaving Japanese companies open to cyberattacks through videoconferencing services, cloud storage and unsecure internet connections, according to security experts.

“There are no borders in the cyberworld, so malicious attacks from outside targets on Japanese companies and employees are increasing because we are not familiar with teleworking,” said Kenji Uesugi, a cybersecurity consultant with PwC Japan.

Prime Minister Shinzo Abe’s emergency declaration has prompted a range of Japanese companies to supply employees with equipment to ensure business continuity while sheltering at home. But it has been a halting start for a professional culture largely unfamiliar with telework.

“Almost all Japanese companies depend on paper-based work, that’s why it’s a big challenge to introduce IT-based remote working,” said Uesugi.

The pandemic has forced companies to rush to invest in hardware and software for remote work. But not all businesses have such resources. “A lot of companies cannot provide PCs and smartphones, which means employees have to use their own private PCs,” said Toshio Nawa of Nihon Cyber Defence.

These vulnerabilities, combined with a high appetite for information on the coronavirus, are giving cyber criminals a prime opportunity to penetrate company networks, according to a joint advisory issued this month by the UK’s National Cyber Security Centre and the U.S. Department of Homeland Security.

According to a report last year by the National Center for Incident Readiness and Strategy for Cybersecurity, Japan’s cybersecurity authority, a survey of private businesses in 2018 uncovered over 53,000 cyberhacking incidents. Of those attacks, 76% were attempts to steal money from companies, and 20% were corporate espionage.

Phishing — eliciting information through fraudulent emails — remains the most common method worldwide for cyber thieves looking to transfer proprietary data or funds, or steal employee credentials to infiltrate a company’s network. In one phishing attack identified by cybersecurity analysts, cyber criminals send links to coronavirus maps or fake websites selling scarce essentials such as face masks and sanitizers. Once the link is clicked, a virus is downloaded into the recipient’s computer.

The process of downloading and installing telework software — including virtual private networks or apps such as Zoom — has also been identified by experts as a point of entry for malicious actors.

Cybersecurity consultants at PwC identified banks, digital payment systems and e-commerce companies as some of the industries and businesses most at risk from global cyberattacks. Internet providers have grown more prone to concentrated traffic attacks that can overwhelm and shut down a server in what is known as distributed denial of service. Analysts at Nokia Deepfield observed a 40% increase in global DDoS traffic from levels before the pandemic.

Such an attack was used against the U.S. Health and Human Services Department to slow the country’s pandemic response which the agency is leading, while a ransomware attempt on the Paris metropolitan hospital system was thwarted by authorities. But Japan’s public health system has not faced anything similar, perhaps because hackers know they are not immune to the coronavirus. “There are groups that have decided not to target hospitals and the healthcare sector for now,” said a Tokyo-based security engineer for a Japanese digital payments company.

On the other hand, teleworking employees in the influential Ministry of Economy, Trade and Industry have been targeted by cyberattacks because they are privy to sensitive company information. When it comes to cybersecurity, the weak link in Japan’s economy consists of small and midsize companies that typically lack the capital for sophisticated IT infrastructure.

“In the past two months, I received reports of over 20 incidents from METI of attacks on midsize companies in the supply chains of defense and nuclear companies,” said Nawa, who consults on cybersecurity for several government agencies.

Subsidies for telework costs were included in the emergency relief package approved by the Japanese government last month. The Tokyo Metropolitan Government, for instance, will provide up to 2.5 million yen ($23,000) per company to help defer telework equipment costs and software fees. SMEs can also call on a cybersecurity support network set up by the Tokyo police.

The shift has been a boon for companies that provide teleworking facilities. Konica Minolta, whose encrypted public wifi network provides a secure VPN connection from 100,000 nationwide locations, said the company received twice the number of signups it expected last Friday, when it began selling licenses for a monthly fee of 780 yen per user.

Experts advise managers to start with setting up layered defenses for their internal networks. Such barriers include installing antivirus software, secure email gateways and spam filters, and requiring passwords and pins to join teleconferences.

But the first line of defense for a company would be training employees to recognize and report fraudulent emails, and to be smart about securing their home networks. 

“Internal threats may be increasing because it becomes easier to steal a company’s information during remote working,” said Uesugi.

Source Article