The Defense Ministry plans to position sensors at what it designates “monitoring bases” on the Internet, designed to defend the information network of the Self-Defense Forces from cyber-attacks, it was learned Thursday.
Envisaged in the three-year project from this fiscal year is a framework under which “decoy sensors” will be installed at points away from the true core of the online information network. These sensors are to detect any signs of incoming cyber-attacks so the information network can quickly be warned of imminent danger.
They will also be utilized for crisis control for the entire government. The cyberdefense unit established last month will be in charge of operating the system.
The ministry plans to set up its own servers on the external network and locate sensors at these servers, aiming to lure cyber-attackers to obtain the latest information on them.
Some of the functions the sensors are expected to carry out include: 1) understanding possible attacker movement, 2) detecting illicit websites, and 3) blocking distributed denial of service (DDoS) attacks, which disrupt computer functions by overloading servers with massive volumes of data.
The sensors are to collect e-mails with viruses attached and to trace them back to compromised computers likely to be used in DDoS attacks, allowing such malicious telecommunications to be blocked. The information will constantly be transmitted to the ministry’s information network, which will be utilized for defense purposes.
Alerts about any serious threats will be sent to the entire government through the National Information Security Center at the Cabinet Secretariat. Details will also be sent to defense-related companies, including those that manufacture equipment for the SDF.
The information network is vital for the smooth operation of SDF units and communication among them. Should the network functions be disrupted by cyber-attacks, the whole system may descend into chaos.
Until now, the network has been protected by defenses that block intrusions with round-the-clock monitoring for possible computer virus infections. However, this system offers no protection outside of the network itself.
“Imagine a facility equipped with lots of security cameras on the inside, but with virtually nothing monitoring the nearby vicinity,” remarked a senior Defense ministry official.
It was also confirmed that “public drinking fountain attacks” have been occurring since around summer last year, in which cyber-attackers deploy viruses to websites frequently browsed by governmental officials, such as news sites, to infect their computers. The sensors will also monitor these new types of attacks.
The cyberdefense unit is an organization newly established in March in the Joint Staff Office at the ministry. Manpower is a major issue, with the unit only having a staff of about 90.
At the meeting of the Japan-U.S. Security Consultative Committee held in October, attended by foreign affairs and defense ministers from both countries, Japan and the United States agreed to accelerate their cooperation in the area of cyberspace, which is called the fifth field of military operations alongside ground, sea, air and space.
The Defense Ministry plans to deepen cooperation in this area, where the United States is considered to be a global leader.