Last updated at Mon, 17 Jul 2023 16:26:56 GMT
Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors.
We also took a look at some of the hardest hit industries and it should come as no surprise that some of the most commonly attacked companies are in industries where Japan currently excels on a global scale. Think manufacturing and automotive, technology & media, and financial services.
The Japanese automotive industry is massive in scale. Japanese car brands are ubiquitous the world over making them a major target for cyber criminals. The global nature of their business means many foreign entities affiliated with Japanese companies can be sources of infiltration by attackers. Product security is a major concern and car maker IP is valuable. Often these attacks come in the form of ransomware and they often impact the supply chain of automakers as foreign subsidiaries and partners are ripe targets. Vulnerabilities in product features such as keyless entry and diagnostic tools also make for lucrative bounties for ransomware groups.
But those are not the only data sets that attackers seek. Auto companies may have a great deal of personally identifiable information about their customers. This information can include customer addresses, names, email, and even VIN numbers. They can lead to increased identity theft by threat actors and even fraudulent financial actions.
Customers aren’t the only victims of identity theft as PII of employees at automotive industry companies is also prevalent. Business email attacks are common as these employees are high-valued targets. Phishing attacks can lead to fraudulent financial transactions framed as legitimate business practices.