Japanese Companies Brace for More Attacks as Cybercrimes Climb

The recent wave of cyberattacks against Japanese businesses has exposed critical weaknesses in the country’s corporate digital defenses, fueling fears of further disruption to sales and supply chains.In the past month, Asahi Group Holdings Ltd. was forced to take its distribution system offline and revert to phone orders for beer and beverages after a ransomware attack, while retailers relying on Askul Corp. lost access to their e-commerce platforms.

The surge reflects a combination of factors, including the rise of post-pandemic remote work, greater use of cryptocurrency and artificial intelligence that make it easier for bad actors to communicate with their victims and claim ransoms, according to security experts. There were 116 reported cases of ransomware attacks in the first half of the year, matching a record last seen in 2022, data from the Tokyo Metropolitan Police Department show.

“There’s definitely been a trend for Japanese companies to be targeted more and more,” said Lauro Burkart, a Singapore-based official with Israeli cybersecurity firm Sygnia Consulting Ltd. The country has “a lot of lucrative targets,” he said.

In a typical ransomware attack, hackers block access to important files or systems and demand payment in return to restore access.

Askul’s incident left Muji, the minimalist household goods retailer operated by Ryohin Keikaku Co., and department store company Sogo & Seibu Co. without the ability to sell online. Although the recent incidents were temporary and mainly hit shopping, manufacturers with weaker systems could face deeper disruptions, threatening their bottom lines.

Corporate Japan’s slower embrace of digital workflows and limited English proficiency used to be unintentional protective barriers, according to Nobuo Miwa, president of Tokyo-based cybersecurity firm S&J Corp. Ransomware gangs often overlooked targets in the country because many were unfamiliar with crypto payments, making it more difficult for them to pay.

“I’ve actually received multiple inquiries from companies saying they want to pay and asking how to do it,” Miwa said.

The Port of Nagoya, one of Japan’s biggest container terminals, was forced to suspend operations in 2023 after a ransomware attack disrupted communication systems. Entertainment and publishing company Kadokawa Corp. suffered a breach last year that leaked data on more than 250,000 people.

Japanese corporate structures compound the risk, said Tetsutaro Uehara, a member of a government panel on cybersecurity and professor of information technology and engineering at Ritsumeikan University.

“Japan’s biggest issue is how companies tend to throw everything to their system integrators,” Uehara said, adding that this reduces in-house cybersecurity expertise. “IT isn’t integrated into corporate strategy, and chief information officers tend to be either symbolic or absent.”

According to a report by San Francisco-based software firm Fastly Inc., roughly 46% of Japanese companies have appointed a chief information security officer, or CISO, compared with the global average of about 70%.

Despite the recent spate of attacks, Japan and the region remain relatively small compared to the scale of cybercrime in North America, which accounted for 64% of victims globally in September, according to a report by Check Point Software Technologies Ltd. The Asia-Pacific region represented 12%, the Tel Aviv-based security software provider said.

Yet that number could rise, suggested S&J’s Miwa.

“It’s like an infectious disease finally reaching the Galapagos” Islands, Miwa said. “Once it makes a full circuit, cases may decline, but Japan hasn’t gone through that first wave yet; the damage will continue to grow.”

Photograph: Bottles of Asahi Wilkinson carbonated water stored at the Sasaki liquor store in Tokyo, Japan, on Friday, Oct. 3, 2025. Photo credit: Soichiro Koriyama/Bloomberg