The Japanese Financial Services Attack Landscape

Post Syndicated from Tom Caiazza original https://blog.rapid7.com/2023/07/14/the-japanese-financial-services-attack-landscape/

The Japanese Financial Services Attack Landscape

Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors.

We also took a look at some of the hardest hit industries and it should come as no surprise that some of the most commonly attacked companies are in industries where Japan currently excels on a global scale. Think manufacturing and automotive, technology & media, and financial services.

In these blog posts we’re going to briefly discuss the findings for one of those industries, but rest assured, more information can be found in our one-page rundowns and the report itself.

Financial services companies are prime targets for attackers around the world but Japan’s robust and global financial industry makes it particularly attractive for cyber criminals and a major risk for millions of people. Attacks on financial services companies often come from two directions, seeking the personally identifiable information, or PII, of customers, and that of employees themselves.

When it comes to customer data, phishing was the most common way attackers sought to access it with 31% of all attacks coming in this form since 2021. Of note, English was the most frequently used language in these phishing attacks. The use of English rather than Japanese, a language that relatively few foreigners speak, highlights the degree to which language barriers impact the targeting of Japan.

Cryptocurrency exchanges were also major targets as cyber attackers, specifically those that are state-sponsored (more on that in the report) seek out crypto due to its ability to operate outside of traditional financial institutions.
For more detail on the threat landscape of the financial services industry in Japan check out our report, or the handy one-page brief specifically looking at this industry.