Pro-Russian hackers attack Japan with DDoS in response to its military ties with the United States.
The attack took place during working hours in Japan.
Pro-Russian groups have conducted a series of coordinated DDoS attacks against organizations in Japan, which have intensified following Japan's recent actions to strengthen its military alliance with the United States. These attacks, which began in mid-October 2024, have impacted strategic sectors of the Japanese economy and government, including logistics, manufacturing, and political entities.
Tensions between Japan and Russia have escalated following statements from the Russian Foreign Ministry, which expressed concern over Japan's increasing militarism. Russia highlighted Japan's rising defense budget and its participation in joint military exercises with the U.S. as causes for concern. The development of Japan's preventive strike capabilities and its involvement in missile defense research have contributed to this climate of tension.
Three days after the onset of the attacks, on October 11, 2024, Russia reiterated its concerns. In response, two pro-Russian hacktivist groups, NoName057 and the Russian Cyber Army Team, launched a DDoS campaign aimed at disrupting Japanese organizations and infrastructure. These attacks primarily targeted Japan's logistics and manufacturing sectors, with particular attention to ports and shipyards, continuing NoName057's trend of attacking critical sectors in geopolitical conflict zones.
In addition to industrial targets, the attackers also focused their efforts on Japanese government and political organizations, with the new Prime Minister's party being one of the prominent targets, possibly seeking to draw attention to its actions. According to NETSCOUT, the attacks employed multiple DDoS attack vectors, many of which originated from networks known for causing disruptions, cloud hosting provider infrastructure, and virtual private networks (VPNs). They also utilized the DDoSia botnet to amplify their attacks, applying different configurations to maximize impact.
Despite the disruptive nature of these attacks, NETSCOUT indicates that they have not significantly altered the threat landscape in Japan.
