Japanese companies brace themselves for more attacks as cybercrimes climb
Sign up now: Get insights on Asia's fast-moving developments
A ransomware attack on Oct 20 left retailer Muji without the ability to sell online.
PHOTO: AFP
Follow topic:
TOKYO – The recent wave of cyber attacks against Japanese businesses has exposed critical weaknesses in Japan’s corporate digital defences, fuelling fears of further disruption to sales and supply chains.
In the past month, Asahi Group Holdings was forced to take its distribution system offline and revert to phone orders for beer and beverages after a ransomware attack.
Retailers relying on Askul, a major player in Japan’s e-commerce and logistics space, lost access to their online platforms.
The surge reflects a combination of factors, including a rise of post-pandemic remote work, greater use of cryptocurrency and artificial intelligence that make it easier for bad actors to communicate with victims and claim ransoms, according to security experts.
There were 116 reported cases of ransomware attacks in the first half of 2025, matching a record last seen in 2022, data from the Tokyo Metropolitan Police Department show.
“There’s definitely been a trend for Japanese companies to be targeted more and more,” said Mr Lauro Burkart, a Singapore-based official with Israeli cyber-security firm Sygnia Consulting. The country has “a lot of lucrative targets”, he added.
In a typical ransomware attack, hackers block access to important files or systems and demand payment in return to restore access.
Askul’s incident left Muji, the minimalist household goods retailer operated by Ryohin Keikaku, and department store company Sogo & Seibu without the ability to sell online
Although the recent incidents were temporary and mainly hit shopping, manufacturers with weaker systems could face deeper disruptions, threatening their bottom lines.
Corporate Japan’s slower embrace of digital workflows and limited English proficiency used to be unintentional protective barriers, according to Mr Nobuo Miwa, president of Tokyo-based cyber-security firm S&J.
Ransomware gangs often overlooked targets in the country because many were unfamiliar with crypto payments, making it more difficult for them to pay.
“I’ve actually received multiple inquiries from companies saying they want to pay and asking how to do it,” Mr Miwa added.
The Port of Nagoya, one of Japan’s biggest container terminals, was forced to suspend operations in 2023 after a ransomware attack disrupted communication systems.
Entertainment and publishing company Kadokawa suffered a breach in 2024 that leaked data on more than 250,000 people.
It may get worse
Japanese corporate structures compound the risk, said Professor Tetsutaro Uehara, a member of a government panel on cyber security who teaches information technology and engineering at Ritsumeikan University.
“Japan’s biggest issue is how companies tend to throw everything to their system integrators,” he added, noting that this reduces in-house cyber-security expertise. “IT isn’t integrated into corporate strategy, and chief information officers tend to be either symbolic or absent.”
According to a report by San Francisco-based software firm Fastly, roughly 46 per cent of Japanese companies have appointed a chief information security officer, compared with the global average of about 70 per cent.
Despite the recent spate of attacks, Japan and the region remain relatively small compared to the scale of cybercrime in North America. The latter accounted for 64 per cent of victims globally in September, according to a report by Check Point Software Technologies.
The Asia-Pacific region represented 12 per cent, the Tel Aviv-based security software provider said.
Yet that number could rise, suggested Mr Miwa.
“It’s like an infectious disease finally reaching the Galapagos” islands, he added. “Once it makes a full circuit, cases may decline but Japan hasn’t gone through that first wave yet; the damage will continue to grow.” BLOOMBERG
