Expert Reaction On Japanese Government Agencies Suffer Data Breaches After Fujitsu Hack

Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. It is not yet clear if this breach occurred because of a vulnerability exploit, or a targeted supply-chain attack, and an investigation is ongoing.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
InfoSec Expert
May 27, 2021 1:02 pm

<p>Recent amendments to Japan’s APPI (Act on Protection of Personal Information) privacy law bring, among other things, mandatory data breach notification and thereby convincingly demonstrate that the government of Japan takes cybersecurity seriously. The Fujitsu’s incident resembles the SolarWinds one in the US and will probably have similar consequences including enhanced cybersecurity regulations, comprehensive due diligence of governmental contractors akin to the DoD’s CMMC in the US, and likely additional funding for national cybersecurity. Surging supply chain attacks of national amplitude and multi-billion losses will probably trigger similar consequences around the globe. Spending more, however, does not mean spending wiser. Legislators and regulators should thus consider a consistent, holistic, multistakeholder and long-term oriented cybersecurity strategy as a key factor for regulated organizations to prevent cyber attacks and reduce data breaches. Ad hoc or unstructured approach does not work anymore.</p>

Last edited 1 year ago by Ilia Kolochenko
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x