Summary:
On January 2, 2025, NTT Docomo, Japan’s largest mobile operator, experienced a DDoS (Distributed Denial of Service) attack that disrupted several services for nearly 12 hours. The attack began at 05:27 AM and lasted until 4:10 PM, causing network congestion that made it difficult for customers to access key services, including the “goo” web portal, Lemino video streaming platform, dpay billing service, and the “Golf me” golf-round booking service.

Although the disruptions were resolved, NTT Docomo reported that content updates for some services were delayed due to recovery efforts. Fortunately, the DDoS attack did not impact mobile phone services or core telecommunications functions.

This incident follows a pattern of increased DDoS activity targeting Japanese businesses, with reports indicating similar attacks against Japan Airlines, MUFG Bank, Mizuho Bank, and Resona Bank in late December.

Analyst Comments:
The DDoS attack on NTT Docomo underscores the vulnerability of telecom providers to service-disrupting cyberattacks. As one of Japan’s largest carriers with 90 million subscribers, NTT Docomo represents a high-value target for threat actors seeking to disrupt critical infrastructure.

The growing frequency of DDoS attacks reflects a wider trend in telecom and financial sectors, where attackers exploit IoT devices, misconfigured servers, and weak network defenses to overload systems. With DDoS attacks globally rising by 102% in the first half of 2024, telecom operators must invest in robust traffic filtering, real-time threat detection, and DDoS mitigation strategies to minimize downtime.

While no specific threat actor has claimed responsibility for this incident, the attack aligns with increased DDoS activity globally, as noted by reports from Stormwall and Nokia highlighting a surge in telecom-related incidents.

Suggested Corrections:
Collaboration across the telecommunications industry and with national cybersecurity agencies is essential to defending against large-scale DDoS attacks. Telecom providers face unique challenges as they operate critical infrastructure that serves millions of users, making them attractive targets for threat actors. By establishing information-sharing frameworks and cross-industry partnerships, telecom companies can enhance their ability to detect, mitigate, and respond to DDoS campaigns more effectively.

Link(s):
https://www.infosecurity-magazine.com/news/ddos-disrupts-japanese-mobile/