In a recent turn of events, two Russian hacking groups, NoName057(16) and the Russian Cyber Army Team, launched distributed denial-of-service (DDoS) attacks on various Japanese logistics and shipbuilding firms, along with government and political organizations. This series of cyberattacks is believed to be a tactic to put pressure on the Japanese government in response to the nation’s increased defense budget and military exercises with regional allies.
The onslaught began on Oct. 14, targeting Japanese entities, with a significant focus on logistics, shipbuilding, and manufacturing companies. Netscout, a network-monitoring firm, reported that more than half of the attacks were directed towards these sectors. NoName057(16), in particular, has gained notoriety for its attacks on Ukrainian and European targets following Russia’s incursion into Ukraine.
The latest string of attacks on Japanese institutions occurred after the Russian Ministry of Foreign Affairs expressed concerns about Japan’s military expansion. Richard Hummel, director of threat intelligence at Netscout, noted that the recent election in Japan resulted in a new leader openly supportive of Ukraine and collaborating with the US military on joint exercises and missile testing. These developments became prime targets for NoName057(16), aligning with their pattern of attacking entities that oppose Russia’s interests.
Japan’s robust military build-up, considered the most extensive since World War II, has been on the rise amidst escalating geopolitical tensions with countries like China and Russia. The country unveiled a $320 billion five-year plan, including the deployment of long-range cruise missiles capable of reaching strategic locations in China, North Korea, and Russia. This shift underscores Japan’s departure from its historical self-defense-focused policy.
Amidst the cyberattacks, Japan’s Deputy Chief Cabinet Secretary Kazuhiko Aoki announced that the government is actively investigating the DDoS assaults. Netscout’s analysis revealed that a significant portion of the attacks targeted the logistics and manufacturing sector, with a notable fraction directed at government agencies and political entities in Japan.
The Russian cyber group utilized sophisticated tactics, employing various attack vectors against multiple targets, showcasing a multi-faceted assault strategy. Approximately 40 Japanese domains were identified as targets, each enduring multiple waves of attacks utilizing distinct DDoS vectors and attack configurations to maximize impact.
The surge in DDoS attacks reflects a broader trend where cybercriminals are leveraging such tactics to disrupt business operations or advance a cause. Recent cases, like the indictment of two Sudanese brothers for orchestrating over 35,000 DDoS attacks, underline the potentially severe consequences of these actions. The impact on critical infrastructure, such as healthcare facilities, highlights the physical risks associated with DDoS attacks.
While the Russian hacking groups behind the attacks on Japan appear to align with Russian government priorities, determining direct links to military or intelligence agencies remains challenging. The groups have claimed responsibility for 60 attacks on 19 different targets, particularly following criticisms of Japan’s military build-up. In a Telegram post, NoName057(16) cited discontent over the involvement of non-regional NATO members in military exercises, emphasizing Russia’s stance on perceived threats.
As the cyber landscape evolves, the targeting of entities critical of Russia or its policies remains a consistent theme in these attacks. Although the direct connection to Russian government agencies remains unclear, the pattern of targeting groups vocal against Russia suggests a concerted effort to intimidate and retaliate against perceived adversaries.
In conclusion, the cyberattacks on Japanese institutions by Russian hacking groups highlight the complex dynamics of cyber warfare in the current global landscape. As nations bolster their defenses and engage in strategic alliances, cyber threats continue to pose significant challenges, necessitating robust cybersecurity measures and international cooperation to mitigate risks effectively.
Croatian 
English 
Albanian 
Serbian 