Technological Countermeasures against Cyber attacks

Threat of cyber-attacks

 Info-communications technology pervades the modern society, and even Critical Infrastructure (CI) that provides us with essential services such as electricity, gas and water supply, is supported by information system. Under these circumstances, the "Threat of cyber terrorism," referring to an electronic attack which forces core systems of CI enterprises to be nonfunctional and paralyze social functions, has become a real threat. In addition, targeted e-mail attacks against governmental agencies and/or private companies are happened. It means the threats of cyber intelligence, the intelligence activities using info-communication technology with the purpose of obtaining confidential information on national strategy, advanced technologies and others, have become problems as well.

Cyber Force

Role of Cyber Force

 A technical unit called Cyber Force has been set up in the Info-Communication Dept. of the NPA, Regional Police Bureaus and prefectural info-communication depts. In cooperation with Community Safety Depts. and Security Depts., Cyber Force makes efforts to strengthen cooperation between public and private sectors by providing information on security to critical infrastructure enterprises and conducting joint response drills assuming an occurrence of a cyber attack. In addition, incase of a cyber attack is happening, Cyber Force cooperates with the prefectural police and takes technical emergency measures for grasping damage situation, preventing damage from expanding, and preserving evidences.
Cyber Force activities
 The CFC provides information regarding cyber security such as findings of Real Time Detection Network System on the NPA website「@police」 (https://www.npa.go.jp/cyberpolice/) so that the Internet users properly understand the threats of cyber attacks and voluntarily take appropriate preventive measures against the threats.
 The Cyber Force of the NPA, called Cyber Force Center (CFC), plays a role of the command center for all the other Cyber Forces, and functions as the technological epicenter of technological emergency response activities, when cyberattack occurs. Cyber Force Center comprehends symptom and situation of cyberattacks, analyzes malicious programs attached to targeted e-mails, instructs the other Cyber Forces all over Japan on a 24/7 basis. Additionally, the CFC participates in FIRST*, an international framework among computer incident response teams to obtain useful information for taking appropriate countermeasures against information security incidents through sharing information among organizations.
* FIRST(Forum of Incident Response and Security Teams)

Real Time Detection Network System

 The CFC runs the Real Time Detection Network System on a 24/7 basis. This system gathers and analyzes information from sensors, which are deployed at connection points with the Internet. Utilizing this system, the CFC is making efforts to comprehend symptom and situation of cyberattacks through observing occurrences of cyberattacks and the activities of computers compromised by computer viruses.