Pro-Russian hackers hit Japan with DDoS attacks over military ties to the US

Russia issues warnings to Japan over its military posture with the US

Pro Russian groups subject Japan to a spate of DDoS attacks

Attacks target critical infrastructure and government bodies

Pro-Russian threat actors have launched a series of coordinated DDoS attacks against Japanese organizations following Japan’s recent moves to strengthen its military alliance with the United States.

Distributed Denial of Service (DDoS) attacks, which flood networks with traffic and disrupt operations, have become a go-to method for cybercriminals and hacktivist groups.

The attacks, which began in mid-October 2024, have targeted key sectors of Japan’s economy and government, including logistics and manufacturing, as well as political entities.

Tensions between Japan and Russia escalate

The cyberattacks followed recent statements made by Russia’s Ministry of Foreign Affairs (MID), which expressed concern over Japan’s growing militarization. Russia highlighted Japan’s increased defense budget and its involvement in joint military exercises with the United States as causes for alarm.

Additionally, Japan’s development of pre-emptive strike capabilities and participation in ballistic missile defense research have contributed to rising tensions between the two nations.

On October 11, 2024, three days before the attacks, Russia reiterated its concerns. In response, two pro-Russian hacktivist groups, NoName057 and the Russian Cyber Army Team, launched a coordinated DDoS campaign aimed at disrupting Japanese organizations and infrastructure.

The cyberattack primarily focused on Japan’s logistics and manufacturing sectors, with a particular emphasis on harbours and shipbuilding. This focus on infrastructure is consistent with previous campaigns carried out by NoName057, a group known for targeting critical sectors in geopolitical conflict zones.

Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

In addition to industrial targets, the hacktivists also attacked Japanese governmental and political organizations. Notably, the political party of Japan’s newly elected prime minister was one of the high-profile targets, potentially as an attempt by the attackers to draw attention to their actions.

According to NETSCOUT, the attacks employed multiple direct-path DDoS attack vectors, with many originating from well-known nuisance networks, cloud hosting provider infrastructure, and virtual private networks (VPNs). The attackers also utilized the DDoSia botnet to amplify their attacks, thereby employing different configurations to maximize the impact.

While these attacks were disruptive, NETSCOUT notes that they have not significantly altered the overall threat landscape in Japan.

Original Author: Efosa Udinmwen | Source: TechRadar