Cyber3 Conference Okinawa 2015
沖縄の万国津梁館で開催されたCyber3 Conference Okinawa 2015に出席し、国家公安委員長として基調講演を行いました。
この会議は山本一太元大臣がWorld Economic Forumと打ち合わせをして開催を決め、山口俊一前大臣が準備し、島尻愛子大臣主催で開催の運びとなったものです。
Countermeasures against threats in cyberspace
Ladies and Gentlemen, good evening. I would like to extend a very warm welcome to the participants from overseas. I am Taro Kono, Chairperson of the National Public Safety Commission that supervises the Japanese police.
I would like to express my sincere congratulations on the occasion of the Cyber3 Conference Okinawa 2015. It is a great pleasure to have distinguished cyber security experts from around the world, here in Okinawa.
In recent years, the Internet has become an established form of social infrastructure essential to people’s lives and socio-economic activities. Cyberspace and physical space have become increasingly integrated, and today, public security cannot be maintained without securing the safety of cyberspace.
Japan will host major events such as the G7 Ise-Shima Summit meeting next year, and the Tokyo 2020 Olympic and Paralympic Games in five years. To make sure of the success of these events, we must make every effort to maintain public security including cyberspace.
I would now like to comment on the recent situation of the threats in cyberspace in Japan. In the last few years, there has been a great number of confirmed DoS Attacks, causing targeted web sites to seize services due to a large amount of access, and cyber espionage cases in which confidential information of government and private sectors were suspected to have been exfiltrated.
From the night of November 4th to the morning hours of November 5th, the web site of the Organizing Committee of the Tokyo Olympic and Paralympic Games received a large amount of access, making it difficult to browse the web site. This is currently under investigation.
Regarding cyber espionage cases, in 2011, the factories of Mitsubishi Heavy Industries which produce submarines, missiles and nuclear power plant components suffered spear phishing e-mail attacks, which damaged their systems. This May, multiple computers of the Japan Pension Service were also compromised, causing a massive leak of personal information stored in the agency.
Among cases in recent years, it was confirmed that attackers used computers subscribed by Chinese individuals for remote access, and strings written in Chinese characters were found in the source code of malware used for the attack.
The police are investigating these cases, and trying hard to prevent them from occurring again or becoming widespread. During a 6-month period from January to June this year, the police confirmed approximately 1,500 cases of spear phishing e-mail attacks which is approximately 7-fold compared with the same period of the previous year. This is an example which shows the attacks are becoming more active and sophisticated.
In light of the situation, the police have formulated a new Cybersecurity Strategy to advance effective countermeasures by exerting the collective strength of the organization.
For example, in order to enhance human resources, prefectural police recruited a total of 930 additional dedicated investigators in three years. It also recruited approximately 80 civilians as special investigators who have work-ready knowledge and skills. The National Police Agency is pushing forward to utilize knowledge from the private sector. This year it appointed two civilians as senior officials ranking Superintendent.
In addition, the Research and Training Center for Cyber Security, which has been added to the National Police Academy, is now providing so-called “hybrid investigators”.
This is to provide experienced crime investigators with hands-on education and training relating to cyber knowledge and technique. Approximately 300 investigators have already finished the programs.
We must prevent damage from spreading and restrain new crimes.
Although many of the large corporations have resources to prevent the cyber-attacks, SMEs often lack those human resources. The police are trying to locate third-party command and control servers that have been secretly established on the web servers of SMEs as well as to take down the compromised computers controlled by the C2 servers.
Each of the 47 prefectural police headquarters have established cooperative bodies with SMEs within the jurisdiction in order to apply detailed preventive measures for such businesses. Through these frameworks, the police can make sure the cutting-edge technology of SMEs in our country are not exfiltrated, and the computer servers of the SMEs are not used as hop servers in cyber-attacks.
Furthermore, regarding the Dark Web, thought to be used as crime infrastructure in the Internet, the police have made efforts to take down malicious websites by enhancing information gathering as well as detecting illegal activities through cyber patrolling and other measures.
On the other hand, with the ever-progressing information and communications technology, the forms of cybercrime and cyber-attacks have become increasingly sophisticated and ingenious, making it impossible for the police to act alone in tackling this issue. In order to take various measures against threats in cyberspace, it is necessary to work in coordination with the private sector and academia.
Given this situation, the Japan Cybercrime Control Center, known as JC3, was established in Japan last November. It is part of an initiative to oversee the whole of cyberspace by sharing information, knowledge and experiences, and contribute to the prevention of subsequent incidents by identifying, mitigating, and neutralizing the root of threats in cyberspace.
JC3 has a good cooperative relationship with the NCFTA (National Cyber Forensics & Training Alliance) of the United States. I believe that both JC3 and NCFTA will serve as leading models in which industry, academia, and government will jointly tackle threats in cyberspace.
In addition, the police have built a network with approximately 7,000 business operators nationwide, and are making efforts to share information. The police also provide assistance for critical infrastructure providers such as electricity, water, gas, railroads etc. to enhance their capacity by conducting joint counter cyber terrorism exercise.
Cybercrimes and cyber-attacks have the nature of easily crossing national borders. Damages extend over many countries, perpetrators are located abroad, and the modus operandi is sophisticated and complex. On the other hand, traces of crime disappear by the minute.
This April, ICPO established the INTERPOL Global Complex for Innovation in Singapore to strengthen response to cybercrime. Japan will cooperate with such international bodies and actively promote countermeasures against international cybercrime.
In addition, it is also necessary to close loopholes in the cyber field by assisting capacity building in countries that don’t have enough capability in countering threats in cyberspace.
As a member of the Asian community, Japan has promoted international cooperation by hosting programs which aim to enhance sharing of knowledge and experience on analysis technology and cybercrime investigation, and investigative capabilities especially among law enforcement agencies in the Asia-Pacific region.
While continuing existing initiatives, Japan will provide more effective assistance by meeting specific needs of each country in the future.
As the Tokyo 2020 Olympic and Paralympic Games approach, the threats in cyberspace must increasingly intensify. Being in a position to supervise the police, I would like to make the event a great success.
In order to do so, we will need to further promote public-private partnership and international cooperation. I would like to take this opportunity to ask for your assistance and cooperation.
I would also like to point out that we intend to contribute as much as possible in joint efforts with your country to tackle the threats in cyberspace.
Thank you for your kind attention.