Japan's Cybersecurity Failures Duly Noted In The West

While it was unclear exactly what data was compromised by the hackers, it is almost certain the state-funded“BlackTech” is infiltrating routers to gain undetectable backdoor access to the networks of companies in the US and Japan. The re-routes have been confirmed by the US National Security Agency, Federal Bureau of Investigation and Japanese police jointly during a cybersecurity advisory late in September 2023.

These Border Gateway Protocol (BGP) re-routes fall under the Harvest Now, Decrypt Later (HNDL) threat - where malicious actors collect and store sensitive encrypted data with the intention of cracking it later by using powerful quantum computers.

HNDL attacks can have dire consequences for critical sectors such as finance, energy, government and defense. And BGP rerouting attacks aren't uncommon.

In 2020 data from corporations including Google, Amazon and Facebook were inexplicably siphoned through Russia. Four years prior, internet traffic heading to South Korea from Canada was ending up in China.

In the West, the race to develop post-quantum cryptography (PQC) is gathering steam. The US is leading the charge with the passing of the Quantum Computing Cybersecurity Preparedness Act, which outlines the steps federal government agencies must take when adopting technology to protect against quantum computing attacks.

The momentum created by this US-led legislation is now replicated in many European countries. Last March, the UK government launched a 10-year program to invest 2.6 billion pounds (US$3.3 billion) into the sector while Germany and France have invested more than $5 billion in research.

Unlike the US and its allies, Japan hasn't placed the same focus on securing its networks with PQC, placing bilateral communications with the US at risk from a quantum attack.

Sign up for one of our free newsletters

• The Daily Report Start your day right with Asia Times' top stories
• AT Weekly Report A weekly roundup of Asia Times' most-read stories

Japan's need to upgrade its entire cybersecurity defense is long overdue. The central government and private corporations should take this opportunity not just to keep up with but leapfrog other nations by creating their own, quantum-safe by design, end-to-end infrastructure that protects IP creation, business processes and day-to-day communications.

Market-ready solutions are available: Last year, a Hybrid PQ VPN was adopted by NATO to secure its comms from quantum attack.

Prioritizing cybersecurity should be high on Japan's agenda, not only to appease its allies and earn a seat at the table as a global innovation leader once again but to ensure a resilient digital landscape in an increasingly turbulent world.

Andersen Cheng is the CEO of Post-Quantum, a cybersecurity company focusing on quantum-safe security and identity solutions. He was previously COO of the Carlyle Group's European venture fund and a founding member of LabMorgan, the Fintech1.0 investment unit of JPMorgan.

Already have an account? Sign i Sign up here to comment on Asia Times stories OR

Thank you for registering!

An account was already registered with this email. Please check your inbox for an authentication link.