At the outset, it is worth mentioning general information about the cybersecurity situation in the region. Cybersecurity is becoming an increasingly important issue in Asia as the region undergoes rapid digitalization and technological advancement. Given the diversity of geopolitical actors, economic disparities, and varying levels of technological infrastructure, ensuring cybersecurity in Asia is challenging. Asia includes a wide range of countries with varying degrees of technological sophistication and cyber capabilities. While countries such as Japan and South Korea boast advanced cybersecurity infrastructure, others, particularly in Southeast Asia, face significant vulnerabilities. Cyber threats in Asia range from state-sponsored cyber espionage and cyber warfare to financial cybercrime and attacks on critical infrastructure.
Asia is a vulnerable region for cyber threats due to geopolitical tensions and the presence of state-sponsored hacker groups. The region is a frequent target for cyber espionage. In the context of this article, it is important to remember that the cybersecurity situation in the region is very tense and worsening every year. A total of eight Thai government agencies were listed as targets for hacking attacks in 2020-2022, including the National Intelligence Agency and the Ministry of Interior, as well as two state-owned telecommunications companies and the country’s largest mobile operator. The documents also mentioned several Malaysian institutions, government agencies in Cambodia, Indonesia, Myanmar and Vietnam, and a telecommunications operator in the Philippines.
In recent years, researchers have documented schemes that have successfully targeted regional ministries and intercepted thousands of ASEAN emails, relying on tactics such as backdoor malware in software updates and email phishing designed to trick users into revealing private information.
Western countries and their allies in the region (primarily Japan and South Korea) are trying to build a new cyber defense system. It is important to mention that the U.S. has started negotiations with Great Britain and Australia to invite Japan to cooperate in the field of defense technologies within the framework of the AUKUS security partnership.[i] And while the so-called first pillar of AUKUS is aimed at helping Australia acquire conventionally armed nuclear submarines, the second pillar focuses on the development of advanced warfare capabilities such as artificial intelligence, underwater drones, hypersonic technologies and electronic warfare technologies, Japan is an important part. Japan’s participation can help in the development of high-tech weapons, as the country is one of the leaders in AI development and semiconductor manufacturing. However, the state of the country’s cybersecurity is a concern, although Japan is taking steps to strengthen it. After all, if an effective cyberattack is launched against Japan, it could undermine the entire AUKUS security partnership.
Japan has been, for quite some time now, actively improving its cybersecurity system. Japan has already taken a number of initiatives to strengthen its cybersecurity. One notable achievement was the establishment of the National Incident Preparedness and Cybersecurity Strategy Center (NISC) in 2015. The NISC serves as a central coordinating body responsible for monitoring cyber threats, responding to incidents, and disseminating information to relevant stakeholders. Through NISC, Japan is enhancing its ability to rapidly detect, analyze, and respond to cyber incidents. Japan has prioritized cybersecurity in its national policies and strategies. The “Basic Law on Cybersecurity” enacted in 2014 outlines the fundamental principles and framework for cybersecurity measures, emphasizing the importance of public-private partnerships, information sharing, and capacity building [ii]. In addition, the Cybersecurity Strategy, adopted in 2015, identifies specific goals and action plans to comprehensively address emerging cyber threats.[iii]
It is important to mention that investment in research and development is critical to stimulate innovation in cybersecurity technologies and techniques. By supporting initiatives in this area, Japan can remain at the forefront of cybersecurity innovation and develop its own capabilities to effectively address emerging threats. Also, strengthening cooperation among government, industry, academia, and civil society is necessary to capitalize on collective cybersecurity expertise and resources. Partnerships can facilitate information sharing, joint exercises and capacity building initiatives, strengthening Japan’s overall cybersecurity posture.
Of course, the most important factor to mention in the context of this article is that strengthening international cooperation and collaboration remains vital in combating transnational cyber threats. Japan continues to cooperate with international partners, contribute to global cybersecurity initiatives and advocate for the development of international norms and regulations that promote a secure and stable cyberspace environment, and accept international assistance. Private foreign companies are also beginning to play an important role. Google has opened a cyber defense center in Tokyo. The company opened its first Asia-Pacific cyber defense center in Tokyo amid growing threat concerns among countries in the region [iv]. The American tech giant wants to promote research into countering cyberattacks by sharing the latest information with relevant officials, companies and universities in Japan. The new facility will also serve as a training ground for regional cyber defense experts. Google will invite engineers from India, Australia, South Korea, Japan and Southeast Asian countries to learn how to combat cyberattacks. The tech giant says it will not receive any compensation for the joint research.
Such moves by the company also come as the National Police Agency joined its U.S. counterparts, including the FBI, in September 2023 to warn of widespread malware attacks by cyberactivists known as BlackTech. BlackTech “has targeted the government, industry, technology, media, electronic and telecommunications sectors, including organizations that support U.S. and Japanese military forces,” the agency said in a joint statement.[v] As security threats increase, the new center will focus on improving Japan’s cybersecurity infrastructure through the use of advanced technology and cooperation.
To summarize, the region is a target of cyberattacks and as major geopolitical interests collide, countries like Japan are trying to improve their security by resorting to different methods. Private corporations that cooperate with governments on cybersecurity are also beginning to play an increasingly important role. One example is Google, which has opened a cyber defense center in Tokyo.
[i] “Japan Signals Interest in AUKUS Defence Tech Partnership”, Barron’s, https://www.barrons.com/news/japan-signals-interest-in-aukus-defence-tech-partnership-c137df26, (Date of Accession: 06.03.2024).
[ii] “Japan: Basic Act on Cybersecurity Amended”, LOC, https://www.loc.gov/item/global-legal-monitor/2018-12-26/japan-basic-act-on-cybersecurity-amended/#:~:text=The%20Basic%20Act%20aims%20to,such%20as%20the%20formation%20of, (Date of Accession: 06.03.2024).
[iii] “Japan’s New Cybersecurity Strategy: Security Without Thwarting Economic Growth”, Council on Foreign Relations, https://www.cfr.org/blog/japans-new-cybersecurity-strategy-security-without-thwarting-economic-growth, (Date of Accession: 02.11.2015).
[iv] “Google opens cyberdefense hub in Tokyo”, Nikkei Asia, https://asia.nikkei.com/Business/Technology/Google-opens-cyberdefense-hub-in-Tokyo, (Date of Accession: 07.03.2024).
[v] “Google opens new cyberdefence hub in Tokyo amid China threats”, The Economic Times, https://economictimes.indiatimes.com/tech/technology/google-opens-new-cyberdefence-hub-in-tokyo-amid-china-threats/articleshow/108299045.cms?from=mdr, (Date of Accession: 07.03.2024).
