![Sample our Politics & International Relations journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5947/TOC-Subject-Sample-2021-Politics-International-Relations.jpg"})
Abstract
The direction of Japan’s cybersecurity policy is shaped by the escalating threat of state-sponsored cyberattacks in peacetime. This surge, notably from Russia, China, and North Korea, involves diverse tactics such as information manipulation, functional disruption, and financially motivated attacks, posing economic and national security risks. In response, nations are increasingly adopting Active Cyber Defense (ACD) strategies. ACD combines real-time attack detection with proactive countermeasures, aiming to impose costs on malicious cyber actors and mitigate potential damage. The United States and the United Kingdom lead in ACD implementation, using technical and policy responses, including hackbacks, to deter and attribute cyber threats.
Japan is aligning its security policy with ACD principles, recognizing the need for proactive cyber measures beyond passive cyber defenses. This shift involves enhancing cyber capabilities, increasing cyber-related units, and fostering collaboration with the private sector. However, legal and regulatory challenges hinder ACD implementation in Japan, with existing laws restricting activities such as attack monitoring and attribution. Bridging these gaps is crucial for developing a comprehensive cybersecurity framework and ensuring the nation’s resilience against evolving cyber threats.
Acknowledgment
This article is the English translation and update of an article originally published in Japanese in Jun Osawa “Saiba Ryoiki no Anzen Hosyo Seisaku no Houkousei [Direction of Japan’s New Cybersecurity Policy]”, Shin Ryoiki Anzen Hosyo [New Domains Security], Wedge, January 10, 2023.
Notes
1 Jun Osawa, “The Escalation of State Sponsored Cyberattack and National Cyber Security Affairs: Is Strategic Cyber Deterrence the Key to Solving the Problem?,” Institute for International Policy Studies, (IIPS), Asia-Pacific Review, Vol. 24, 2017 – Issue 2, 1-19.
2 U.S. Department of Defense, “Department of Defense Cyber Strategy 2018 Summary,” September 2018, https://media.defense.gov/ 2018/Sep/18/2002041658/-1/-1/CYBER_STRATEGY_SUMMARY_FINAL.PDF (accessed June 28, 2023).
3 Jun Osawa, “Semarikuru Saiba Kogeki no Kyoi: Haiburiddo Senso to Nihon e no Eikyo [Threat of Impending Cyberattacks: Hybrid War and Its Impact on Japan],” Chian Forum (Security Forum), Vol. 28, No. 6, June 2022, Tachibana Shobo publisher, pp. 42-51.
4 Jun Osawa, “Ransamuwea no Kyoi: Saiba Hanzai o Yosoou Roshia ni yoru Ransamuwea Kogeki [Ransomware Threat: Ransomware Attack by Russia Disguised as Cyber Crime],” Chian Forum (Security Forum), Vol. 28, No. 7, July 2022, Tachibana Shobo publisher, pp. 57-68.
5 Jun Osawa, “Joho Sesshu-gata Saiba Kogeki no Kyoi: Kuni no Kyosoryoku o Ubau Chugoku ni yoru Hyoteki-gata Kogeki [Threat of Cyber Espionage: Targeted Attacks by China that Deprive Countries of Competitiveness],” Chian Forum (Security Forum), Vol. 28, No. 9, August 2022, Tachibana Shobo publisher, pp. 58-67.
6 Jun Osawa, “Kitachosen no Saiba Kogeki no Kyoi: Gaika Kakutoku o Nerau Kinsen Mokuteki-gata Saiba Kogeki [Threat of North Korea’s Cyberattacks: Financially Motivated Cyberattacks to Obtain Foreign Currency],” Chian Forum (Security Forum), Vol. 28, No. 10, September 2022, Tachibana Shobo publisher, pp. 61-69.
7 In one case, technical information about the US F-22 and F-35 fifth-generation fighter jets was leaked to China through a cyberattack and used for J-31 fighters of the China’s People’s Liberation Army Air Force.
8 APT1, a cyberattack group with close ties to China’s People’s Liberation Army, is known to have stolen technology from US nuclear, solar, steel, and nonferrous metals companies.
9 FireEye, “APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat,” April 6, 2017, https://www.fireeye.com/blog/threat-research/2017/04/apt10_menupass_grou.html (accessed June 28, 2023).
10 Cabinet Secretariat, Office to Prepare Economic Security Legislation, “Expert Panel on Economic Security Legislation,” November 26, 2021.
11 Jun Osawa, “Ninchi Ryoiki ni taisuru Joho Sosa-gata Saiba Kogeki (Johosen) no Kyoi: Minshushugi o Obiyakasu Disuinfomeshon [Threat of Information Manipulation Cyberattacks against Cognitive Domain (Information Warfare): Disinformation that Threatens Democracy],” Chian Forum (Security Forum), Vol. 28, No. 11, September 2022, Tachibana Shobo publisher, pp. 49-58.
12 Scott Jasper, Strategic Cyber Deterrence, Rowman & Littlefield Publishers, p.18.
13 U.S. Department of Defense, “The DoD Cyber Strategy,” April 2015, https://archive.defense.gov/home/features/2015/0415_ cyber-strategy/final_2015_dod_cyber_strategy_for_web.pdf (accessed June 28, 2023).
14 William A. Owens, Kenneth W. Dam, and Herbert S. Lin, Eds., Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities, National Academics Press, 2009.
15 U.S. Department of Defense, “Strategy for Operating in Cyberspace,” July 2011.
16 “Into the Gray Zone: The Private Sector and Active Defense Against Cyber Threats,” George Washington University, Center for Cyber and Homeland Security, 2016.
17 White House, National Cyber Strategy of the United States of America, September 2018, https://trumpwhitehouse. archives.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf (accessed June 28, 2023).
18 U.S. Department of Defense, Cyber Strategy 2018, September 2018, https://media.defense.gov/2018/Sep/18/2002041658/-1/-1/1/CYBER_STRATEGY_SUMMARY_FINAL.PDF
19 18 U.S.C. § 1345(a)(1)(A).
20 U.S. Department of Justice, “U.S. Charges Five Chinese Military Hackers For Cyber Espionage Against U.S. Corporations And A Labor Organization For Commercial Advantage,” May 19, 2014, https://www.justice.gov/usao-wdpa/pr/us-charges-five-chinese- military-hackers-cyber-espionage-against-us-corporations-and
21 UK Government, National Cyber Security Strategy 2016 to 2021, March 2016,
22 National Cyber Security Center, NCSC Annual Review 2022, November 2022. https://www.ncsc.gov.uk/collection/annual-review-2022/resilience/active-cyber-defence
23 Jun Osawa, “Kokka o Haikei to shita Saiba Kyoi e no Taisho: Sekkyokuteki Saiba Boshi no Donyu ni Mukete [Coping with State-sponsored Cyber Threats: Toward the Introduction of Active Cyber Defense],” Chian Forum (Security Forum), Vol. 28, No. 12, November 2022, Tachibana Shobo publisher, pp. 61-69.
24 Cybersecurity Strategic Headquarters, “Cybersecurity Strategy” (July 2018), https://www.nisc.go.jp/active/kihon/pdf/cs-senryaku2018.pdf. (Japanese); https://www.nisc.go.jp/eng/pdf/cs-senryaku2018-en.pdf (English)
25 Ibid., p. 2.
26 Ibid., p. 37.
27 Government of Japan, National Security Strategy of Japan, December 2022, p. 23. https://www.cas.go.jp/jp/siryou/221216anzenhoshou/nss-e.pdf
28 Ministry of Defense (Japan), National Defense Strategy, December 2022, p. 26. https://www.mod.go.jp/j/approach/agenda/guideline/strategy/pdf/strategy_en.pdf
29 Ministry of Defense (Japan), Defense Buildup Program, December 2022, https://www.mod.go.jp/j/policy/agenda/guideline/plan/pdf/program_en.pdf
30 The following statements are based on the following: Ken Sato and Jun Osawa, “Gekikasuru Saibasen ni Muryoku no Nihon: Ho to Taisei Seibi o Isoge [Japan Powerless in the Face of Intensifying Cyber Warfare: Hurry Up with Legislation and System Development],” Wedge, August 2022, pp. 43-45.
Additional information
Notes on contributors
Osawa Jun
OSAWA Jun is a Senior Research Fellow at Nakasone Peace Institute (NPI). He is also Director, Office of Cyber Domain Awareness, IT Security Center, Information-Technology Promotion Agency (since 2023), a board member of Kajima Peace Institute (since 2018), Adjunct Research Fellow at Sasakawa Peace Foundation (since 2018) and on the staff of the National Security Secretariat (NSS). His research interests include national cybersecurity, strategic assessment, and North-East Asian international security. He joined NPI/IIPS in 1995 as a Research Fellow before becoming a Senior Research Fellow in 2009 (until 2014, and since 2017). His previous positions include: Senior Fellow (2017–2019) and Deputy Cabinet Counsellor (2014–2016) at the NSS; Visiting Fellow at the Brookings Institution (2013); visiting scholar at the National Graduate Institute for Policy Studies (2011–2016); Policy Planning Researcher and Advisor, Policy Planning Division, Foreign Policy Bureau, Ministry of Foreign Affairs (MFA) (2007–2009); Analyst, Second Division, Intelligence and Analysis Service, MFA (2004–2006). He received his BA from Keio University in 1994 and an MA from Keio University in 1996.