May 17, 2017 2:00 am JST

Tokyo to lay out cyberattack countermeasures

Options include digital retaliation when critical infrastructure is damaged

Should Japan's critical infrastructure be damaged via hacking, Tokyo plans to have a response ready.

TOKYO -- Japan will plan responses, including digital countermeasures, against hacking attacks that damage critical infrastructure, seeking to clear a legal path to do so in time for the 2020 Olympics.

The government aims to designate 13 fields of critical infrastructure, including electrical power, rail transport, medical facilities and financial institutions. Attacks on such infrastructure would be ranked at one of five levels of increasing seriousness depending on the extent of the damage. At levels three and above, Tokyo would intervene to stem disorder, and at level five it would respond via cyber means. The plan also will establish a hacking team within the government to carry out the response.

The plan is modeled after similar response frameworks in the U.S. and Britain. America classifies malware attacks that cause some electrical power or public transport systems to malfunction, or disrupts people's lives, as level three and above. It allows for the government to respond through such means as cyber retaliation.

Japan is expected to classify emergency situations -- such as damage to or disruption of nuclear power plant systems -- as level five. Bodies including the cabinet secretariat, Ministry of Defense and National Police Agency will work out how to define the levels, as well as what concrete steps to take at each one.

The cabinet's National Center of Incident Readiness and Strategy for Cybersecurity will lead efforts to quickly deliberate countermeasures, in light of the widespread damage from the current global ransomware attack. It intends to include the measures in a new cybersecurity strategy to be presented in June. Tokyo also aims to ward off future cyberattacks by showing it will prepare responses.

Japanese law prohibits any person from accessing others' computer systems without authorization. As such, Tokyo would need a legal exception for response options such as accessing an attacker's server or infecting them with a virus. It may justify itself on the basis of legitimate self-defense or necessity, and may revise relevant laws as well.

Some within the government believe Japan should respond to cyberattacks by exercising its right of self-defense, but that approach raises questions, including whether all such digital strikes meet the conditions to trigger that right.

The core means of digital response would be knocking out attackers' servers with a distributed denial of service attack, which overwhelms the target with huge volumes of data. Pinpointing the source of the attack would require sophisticated technology, and Japan may need overseas partnerships such as with the U.S.

Cyber assailants often redirect their attacks through third-party countries or pose as others to escape detection. The government may not be able to check rampant cyberattacks if it cannot locate attackers, and some worry that in its efforts to do so, it could impinge on people's rights by monitoring communications.

(Nikkei)

Get Insights on Asia In Your Inbox

To read the full story, Subscribe or Log in

Get your first month for $0.99

Redeemable only through the Subscribe button below

Once subscribed, you can…

  • Read all stories with unlimited access (5 articles per month without subscription)
  • Use our smartphone and tablet apps

To read the full story, Subscribe or Log in

3 months for $9
SUBSCRIBE TODAY

Take advantage of this limited offer.
Subscribe now to get unlimited access to all articles.

To read the full story, Update your account

We could not renew your subscription.
You need to update your payment information.

To read the full story, Subscribe or Log in

Once subscribed, you can…

  • Read all stories with unlimited access (5 articles per month without subscription)
  • Use our smartphone and tablet apps

To read the full story, Subscribe or Log in

3 months for $9
SUBSCRIBE TODAY

Take advantage of this limited offer.
Subscribe now to get unlimited access to all articles.

To read the full story, Update your account

We could not renew your subscription.
You need to update your payment information.