Pro-Russian hackers claim to have temporarily taken down Japanese government websites

September 15, 2022

TOKYO – A pro-Russian hacker group has claimed to be involved in attacks against Japanese government and corporate websites.

Digital Reform Minister Taro Kono told a press conference on Tuesday that the problems were “most likely caused by DDoS attacks”.

Distributed denial of service attacks involve the transmission of massive amounts of data to cripple computer systems.

DDoS attacks are a popular means of cyber attack. The Russian military paralyzed the sites of the Ukrainian Ministry of Defense by flooding them with data, while the “computing army” recruited by the Ukrainian government counter-attacked a Russian stock exchange site.

A DDoS attack only temporarily cripples a target computer system. It does not steal data or render data unusable. However, the reality is that it is expensive to build additional servers to withstand the huge amounts of data being sent, making it difficult to fight these attacks.

On September 7, the pro-Russian hacker group Killnet posted a video of a masked figure on the Telegram messaging app. Claiming that Russia was committing no crimes in Ukraine, the group claimed it was responsible for a series of system failures as a “declaration of war against the Japanese national government as a whole”.

When Kono was asked if he could confirm who the attacker was, he declined to say.

“Showing our hand would give the striker an advantage,” he said.

The DDoS attack on the e-Gov website took the site down around 4:30 p.m. on September 6. It recovered once around 7:50 p.m. the same day, but became inaccessible again around noon on September 7.

The e-Gov site allows users to request the communication of administrative documents and provides information on laws and regulations. The site receives approximately 7.8 million visits per day. It was opened in fiscal year 2001 as a general point of contact for electronic requests to departments and agencies. When it was created, the Digital Agency took over management of the site from the Ministry of the Interior and Communication.

The agency announced the full resumption of e-Gov on its official Twitter account around 6:30 a.m. on September 9.

Between September 6 and September 9, the attacks temporarily rendered 23 government websites inaccessible. These sites belonged to the Digital Agency, the Ministry of the Interior and Communication, the Ministry of Education, Culture, Sports, Science and Technology and the Agence de la Maison imperial.

The website of the Nagoya Port Authority, operator of one of the country’s largest commercial ports, was down for about 40 minutes after 10 p.m. on September 6.

Some sites of the credit card company JCB Co. were inaccessible, while the websites of the social media company mixi, Inc. were also difficult to access.

The digital agency announced another system failure with the e-Gov website on September 7, which later turned out to be a technical issue and had nothing to do with a cyberattack, Kono said on Tuesday.

Uptrend since invasion
Killnet appears to be a hacktivist organization that uses cyber attacks to support a political cause, according to Mihoko Matsubara, cyber expert at NTT Corp. which analyzes trends in cyber attacks.

DDoS attacks are a method that hacktivists tend to use because they can easily see the damage caused by taking a website down.

Killnet activities have been observed since the beginning of this year. In May, he declared a “cyber war” on 10 nations, including the US, UK, Germany and Italy. The following month, he claimed to have targeted more than 130 government entities in Lithuania, as well as airports and other facilities using digital services.

“Killnet is believed to have targeted Japan for the first time,” Matsubara said. “The activities of pro-Russian hacker groups have intensified and it is necessary to pay close attention to their future activities.”

Since Russia’s invasion of Ukraine, DDoS attacks have increased worldwide. Since March, the American security company Imperva Inc. has detected around 10,000 DDoS attacks per month in around 6,200 companies worldwide, two to five times more than in previous months.

About Stuart M. McFarland

Check Also

CEED and UCEED 2023 websites launched; Registration begins September 30

The CEED and UCEED exam is held for admission to undergraduate and postgraduate design programs. …