Japan

July 30, 2020: Konica Minolta hit by RansomEXX

Business technology giant Konica Minolta was hit with a ransomware attack at the end of July. It started with customers reporting that the company's product supply and support site was not accessible. The attack impacted services for almost a week. Some Konica Minolta printers were also displaying a 'Service Notification Failed' error.

BleepingComputer reported a source shared a copy of the ransom note used in the attack and reported devices in the company were encrypted. The ransom note belongs to RansomEXX.

October 31, 2021: Lockbit Ransomware Gang Say Japan Hospital Paid $30K Ransom

Russian hackers claim a Japanese hospital paid $30,000 to regain access to electronic medical records. The records were encrypted in a ransomware attack last October, causing major disruption to the medical institution's operations.

At the time of the Oct. 31 attack, Handa Hospital refused to pay the ransom. The hospital said it will build a new electronic medical record system at a cost of 200 million yen.

The town of Tsurugi, which runs the targeted Hospital, has denied paying ransom money. Experts suspect that an IT firm involved in attempts to restore access to the records secretly reached a deal with the hackers.

Japanese police have been urging those targeted in ransomware attacks to not pay money demanded of them.

February 28, 2022: Kojima Industries, a Toyota Supplier, Suffers Cyberattack

Toyota shut down production in Japan because Kojima Industries , one of its domestic suppliers, suffered a cyberattack. Kojima Industries provides plastic and other parts to Toyota.

Toyota employs a kanban "just-in-time" production method, so when Kojima was hit by ransomware which halted their key plastic and electronics parts production, Toyota chose to shutdown all 14 plants, and their network connections, to contain the spread. Toyota and subsidiaries were unable to keep their plants running. This is occurring amid ongoing parts and component shortages in the industry.

Toyota subsidiaries Hino Motors and Daihatsu Motor will also halt operations at some plants in Japan.

November 11, 2021: Panasonic Breached in Attack

Osaka, Japan-based Panasonic Corporation confirmed its network was illegally accessed by a third party on November 11 and data ended up accessed in the breach, officials said.
As soon as the electronics giant discovered the breach, it initiated an internal investigation and discovered some data on a file server had been accessed during the intrusion. Panasonic spokesperson Dannea DeLisser said the breach began on June 22 and ended on November 3 — and the unauthorized access was first detected on November 11.

June 1, 2021: Fujifilm Now Operating after Ransomware Attack

Japan’s major film provider, Fujifilm, finally restored operations on June 14, following a ransomware attack earlier this month.

On June 4, Fujifilm said it fell victim to a ransomware attack on June 1 which forced the company to shut down its network and servers across the globe. Beyond the shutdown, there were order processing delays. While most regions were able to get back up and running fairly quickly, Japan suffered the biggest impact.

Fujifilm manufactures a wide variety of products, including rapid COVID19 test kits.

February 15, 2021: Turbomachinery manufacturer attacked with ransomware

On February 15, 2021, a defect was detected in internal system of the Elliott head office and confirmed an attack by ransomware on the mail system and certain servers. As the damage from the ransomware attack, some problems were confirmed in production or ordering systems at Elliott plants. Upon detection, Ebara Corporation, the Group’s Headquarters in Japan, and the Elliott Group in the United States immediately undertook a robust forensic investigation to determine the extent of the defect, its impact and potential consequences.
As of this writing, Nefilim Ransomware group has posted teaser files, one 6GB and 1 549KB in size as proof of data breach.

January 1, 2005: Errant AntiVirus Definition Brings Down Railway LANs

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2003: Computer Error Grounds Japanese Flights

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2006: Power Plant Security Information Leaked Onto Internet

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2005: Japanese Nuclear Company Virus Attack

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

Pin It on Pinterest

Scroll to Top
Scroll to Top