TOKYO -- Japan will set up a unit in fiscal 2022 spanning industry, government and academia to study cyberattacks and develop more effective defenses, Nikkei learned Tuesday.
More than 20 companies and other organizations are in talks to join the effort, including Hitachi, NEC, Fujitsu, Mitsubishi Electric, Yokogawa Denki, the Nippon Telegraph and Telephone group, Waseda University and Kobe University, according to the Ministry of Internal Affairs and Communications.
Studies show Japan lags behind other countries in defending against cyberattacks and often relies on foreign companies for cybersecurity. Faced with a technological gap that poses serious risks to national security, Tokyo will seek to nurture cyber defense talent and technology by bring the public and private sectors on the same team.
"Understanding attack methods and malware is a necessity for cyber defense," said Kenji Uesugi, a fellow at the Japan Cybersecurity Innovation Committee. Yet "many companies are hesitant to share information," he added.
Just this Monday, the U.K. and U.S. governments said Russian military intelligence services had begun reconnaissance for a cyberattack on organizations involved in the Tokyo Olympics, from which Russian competitors had been banned due to a doping scandal.
When a company or other organization in Japan reports a cyberattack, the new unit will create an online network masquerading as the victim to draw the attack to itself and lull the perpetrator into thinking it has succeeded.
The team will then monitor and analyze the attack's techniques, seek to identify the attacker, and provide advice on how to cope with the situation.
The National Institute of Information and Communications Technology will develop software for cyberattack analysis, with the government planning to earmark 2 billion yen ($19 million) for the project in fiscal 2021.
The techniques used in cyberattacks have increased rapidly in sophistication. While early attacks typically involved shutting down systems with floods of data, the use of hacking or malware to break into systems and steal data has become more common in recent years.
Japan's new joint unit is intended to address this problem by serving as a central repository for data on cyberattacks across the country.
The National Center of Incident Readiness and Strategy for Cybersecurity, which directs Japan's cyber defense efforts, is expected to provide data on cyberattacks and related matters.
The government will allow other companies and universities to take part in the project after screening. The unit's analyses and defenses will be compiled into training materials.
A 2020 global ranking of cyber capabilities by Harvard University puts the U.S. in first place, followed by China and Britain, with Japan trailing in ninth. Japan ranks 20th in the capacity to monitor possible attack.
In a survey of 1,794 Japanese companies by NRI SecureTechnologies, roughly 90% of respondents said their cyber defenses were "insufficient."
In Japan, "employment of security professionals is limited, and few companies offer high pay for [cybersecurity] engineers," said Takeshi Doi of MS&AD InterRisk Research & Consulting.
In recent years, cyberattacks have proven to be powerful tool for causing social and economic damage at a lower cost than conventional warfare. Russia has been linked to cyberattacks against Ukraine since the 2014 annexation of Crimea. A 2015 attack on Ukraine's power grid caused widespread outages, and a more widespread strike in 2017 shut down systems at airports, power companies and financial institutions.
China and North Korea have bolstered their cyberwarfare capabilities as well.
