Regarding Response to a Cyber Attack

A1. A cyber attack is defined as abuse of information and communications networks, information systems to make an unauthorized access, steal, falsify or destroy information, cause information systems to cease functioning or to malfunction, execute a malicious program or implement a DDoS attack (distributed denial of service attack) through cyberspace. As cyberspace expands, cyber attacks can cause serious damages across a wide range of social activities. Furthermore, it remains difficult to identify the sources of cyber attacks and deter them from happening. As a result, response to cyber attacks has become a significant issue in national security and crisis management.

A2. The Ministry of Defense (MOD) and the Self-Defense Forces (SDF) have a framework for responding to cyber attacks against their own information systems and networks.

Within this framework, the Cyber Defense Group was established in March 2014 as a joint unit under the SDF C4 (Command, Control, Communication & Computers) Systems Command. The Cyber Defense Group is responsible for monitoring information and communications networks and responding to cyber attacks on a round-the-clock basis.

Concerning the preparedness for each SDF service, the GSDF System Protection Unit, the MSDF Communication Security Group and the ASDF Computer Security Evaluation Squadron have engaged in monitoring and protecting their own information systems.

(Click to enlarge image)

(Click to enlarge image)

A3. Since it is difficult for the MOD/SDF alone to achieve stable use of cyberspace, they work closely with relevant ministries and agencies such as the National center of Incident readiness and Strategy for Cybersecurity (NISC).

With respect to Japan-U.S. cooperation concerning cyberspace, the Guidelines for Japan-U.S. Defense Cooperation revised in April 2015 and the Joint Statement of the U.S.-Japan Cyber Defense Policy Working Group issued in May of the same year cite the development of a system of prompt and appropriate information sharing and protection of critical infrastructure on which the SDFs and the U.S. Forces rely in the execution of their missions as areas of cooperation between the Japanese and U.S. governments and prescribe measures to ensure the resiliency of individual networks and systems and implementation of educational exchanges and joint exercises as initiatives of the SDFs and the U.S. Forces. Based on these policy guidelines, the MOD/SDF will accelerate the Japan-U.S. cyber defense cooperation.

As for relationships with other countries, the MOD/SDF is promoting information sharing and other cooperation with relevant countries and international organizations, including the United Kingdom, Australia, Estonia and NATO, at various levels.

(Click to enlarge image)

A4. In order to respond to cyber attacks on its own information systems and networks, the MOD/SDF has developed cybersecurity capabilities through measures such as enhancing resiliency, strengthening the information-gathering and investigation/analysis and developing a practical training environment that can verify the cybersecurity response capabilities.

In addition, the MOD/SDF has taken into consideration establishing a career path with the focus on personnel training, enhancing education and using outside experts in order to efficiently train and secure cyber personnel.

In order to ensure effective response to cyber attacks, the MOD/SDF intends to continue systematic consideration of measures to enhance the response capabilities, such as strengthening the Cyber Defense Group, and training and securing personnel.