The police place technical units called Cyber Forces (CFs), as the technological foundation of countermeasures against cyber attacks, at Info-Communications Bureau, NPA; and each Regional Police Bureau/Prefectural Info-Communications Department.
CFs, in coordination with Community Safety Departments and Security Departments of the prefectural police, are working at strengthening cooperation with private entities through: sharing the information about cybersecurity threats with Critical Infrastructure providers, etc.; conducting joint trainings on cyber attack; etc.
Once cyber attack incidents occur, CFs swiftly respond to the incidents and take appropriate actions, such as assessing/limiting the damage, securing/preserving the evidence in order to assist the activities of the prefectural police.
The CF of the NPA, called Cyber Force Center (CFC), playing a role as the command center of all CFs, functions as the technological hub for incident response activities when cyber attacks occur; gathers and analyzes relevant information on a 24/7 basis for detecting cyber attacks and grasping their trends; analyzes malware, etc. attached to targeted emails; and supervises local CFs' activities.
Additionally, the CFC has participated in an international framework among computer incident response teams named FIRST (Forum of Incident Response Security Teams) in order to obtain useful information for taking appropriate countermeasures against cyber attacks through sharing information among organizations.
Activities of Cyber Forces
The CFC provides information regarding cybersecurity through a Web portal "@police" in order to help Internet users properly understand the threats of cyber attacks and voluntarily take preventive measures against the threats.
Real Time Detection Network System
The CFC runs Real Time Detection Network System. This system is implemented to gather and analyze information from sensors, which are deployed at particular points on the Internet, on a 24/7 basis. Utilizing this system, the CFC is making efforts to detect cyber attacks and grasp their trends through observing the occurrence of cyber attacks, the activities of computers infected by malware, and so on.