The National Institute of Information and Communications Technology (NICT) under the Ministry of Internal Affairs and Communications has developed a “virtual system” that simulates cyberattacks against local governments. In response, the ministry will conduct the first cyber-defense drill for local governments using the new system this fall. By simulating cyberattacks that actually took place in Saga Prefecture, in which over 10,000 high school students’ records were leaked, the ministry aims to enhance local governments’ coping skills.
The drills are also aimed at preparing for possible cyberattacks targeting the “My Number” system, the 12-digit personal identification numbers used for tax and social security that were introduced at the beginning of this year.
The “virtual system” can create operational environments that simulate those of local governments such as the Basic Residents’ Registration Network and the Local Government Wide Area Network (LGWAN), communication channels used exclusively among local governments for information transmission. In this way, participants in the drill can virtually experience unauthorized access to personal information stored by local governments or targeted email attacks.
During these drills, participating local governments will respond to a simulated leakage of “my numbers” so that they can learn to minimize the damage caused by cyberattacks like identifying an attacked terminal and leaked information, as well as reporting to supervisors.
The ministry will sponsor drills at 11 different locations across the country from September through November of this year where they expect 300 to 500 local governments to participate. Cyberattacks against local governments have been increasing throughout Japan, as has the damage they cause. In June of this year, rosters including the names of about 1,600 students were leaked from three elementary and junior high schools in Oyama City, Tochigi Prefecture.