Japan faced an unprecedented rise in cyberattacks last month, as Distributed Denial-of-Service (DDoS) attacks reached record levels, according to industry data.
A survey by the Japanese branch of Akamai Technologies, a U.S.-based cybersecurity firm, revealed that DDoS attacks on Japanese businesses soared by 60% in December compared to the same time last year. Both the number and intensity of these attacks hit an all-time high, with financial institutions experiencing a 4.1 times increase and the e-commerce sector seeing a 2.3 times rise.
The finance industry was the primary target, especially on December 30, when attacks peaked. While the situation improved in early January, there was a resurgence in mid-month, signaling continued threats.
DDoS attacks work by overwhelming websites or online services with excessive traffic, making them inaccessible to users. Cybercriminals often use botnets—networks of hacked devices like routers and cameras—to launch these attacks.
Cloudflare, another cybersecurity firm, reported that attacks delivering 1 to 3 terabits of data per second are now common. In contrast, a major cyberattack in September 2022 targeted Japanese government websites and subway operators, peaking at 100 gigabits per second. The December 2024 attacks were estimated to be 10 to 30 times larger than those in 2022.
Security experts warn that traditional defense methods, like traffic restrictions, are becoming ineffective against these “hit-and-run” attacks, which can cause major disruptions before countermeasures can be deployed.
Unlike sophisticated cyberattacks that rely on hacking skills or stolen data, DDoS attacks are relatively simple to execute. Many attackers use botnets purchased from underground markets. Recently, reports surfaced that middle school students in Japan were charged with launching DDoS attacks on school and business websites using third-party services.
A more advanced form of attack, known as distributed reflective denial-of-service (DRDoS), has been growing in popularity since the late 2010s. This method amplifies the attack by tricking internet systems into sending massive amounts of data to a targeted server.
On December 26, Japan Airlines (JAL) suffered a cyberattack that disrupted network equipment, delaying flights for several hours. The airline suspects a DDoS attack was responsible for the incident.
While politically motivated hacking groups, known as hacktivists, often carry out such attacks, no group has claimed responsibility so far. Security analysts speculate that the scale of the attacks suggests possible state-sponsored involvement.
Trend Micro, a cybersecurity firm, reported that at least 60 organizations in Japan were attacked between late December and January 24. Major banks and Japan Airlines were among the victims. Many attacks occurred early in the morning, between 5 a.m. and 7 a.m., aligning with the holiday season when disruptions to travel and financial services would have the most impact.
