Summary:
During the end-of-year holiday season, a series of distributed denial-of-service attacks severely disrupted operations across several major Japanese organizations, including leading airlines, financial institutions, and telecommunications providers. Japan’s largest wireless carrier, NTT Docomo, which serves around 90 million users, reported widespread outages affecting its “goo” portal, internet services, on-demand video streaming, e-commerce platform Dpay, and its golf subscription service. These disruptions began early one morning and lasted for 11 hours, impacting both individual and business users.

The financial sector was also heavily targeted. Osaka-based Resona Bank experienced a network malfunction due to a DDoS attack, which disrupted its My Gate application and briefly impacted services at affiliated banks, including Minato Bank, Kansai Mirai Bank, and Saitama Resona Bank. Although no data leaks or malware infections were reported, the incident caused significant operational delays. Similarly, Mizuho Bank, Japan’s third-largest financial institution, faced a three-hour outage in its online banking services, while MUFG Bank, the nation’s largest with over $235 billion in assets, reported service disruptions across its Mitsubishi UFJ Direct, BizSTATION, and COMSUITE portals on December 26. Japan Airlines was also affected during the Christmas holiday, with a suspected DDoS attack delaying 24 domestic flights by over 30 minutes and disrupting ticket sales and internal systems. While the airline resolved the issue within hours and avoided any data breaches, the incident highlighted the vulnerabilities of critical transportation infrastructure.

Security Officer Comments:
The holiday attacks followed an increase in DDoS activity tied to geopolitical tensions. Kremlin-linked hackers escalated their campaigns after Japan announced joint military exercises with the United States near Russia and supported a G7 proposal to use frozen Russian assets to aid Ukraine. Russian hacktivists, such as NoName057(16), carried out sophisticated attacks using multiple vectors and configurations to maximize impact. Their campaigns primarily targeted Japan’s logistics and manufacturing sectors, including harbors and shipbuilding facilities, as well as government and financial institutions. Netscout, a cybersecurity firm, observed around 2,000 daily DDoS attacks on Japanese networks in 2024, employing direct-path attack vectors and leveraging nuisance networks, legitimate cloud providers, and VPN services.

Suggested Corrections:
In response, the National Police Agency of Japan increased its focus on mitigating DDoS threats, attributing their prevalence to the low cost and ease of execution. In December, the NPA collaborated with Europol in a major operation that dismantled 27 DDoS booter services across multiple countries. The effort led to the arrest of three individuals who used these services and served as a warning to businesses about the likelihood of further DDoS attacks. Japanese authorities emphasized the need for robust cybersecurity measures to protect critical infrastructure against increasingly frequent and sophisticated cyberattacks.

Link(s):
https://www.databreachtoday.com/japanese-businesses-hit-by-surge-in-ddos-attacks-a-27216