Ransomware gangs target Japan as a feeding ground

The Tsurugi Municipal Handa Hospital is a modestly sized, dreary pile in a somnolent corner of Shikoku island. It looks on to a river, backs on to a hill and serves an ageing local population last clocked at 8,048.

The perfect place, therefore, for the world’s most ruthless cyber-gangs to expand their assault on everyday life, shift the globalised ransomware war front deep into Asia and confront a whole new victim-scape with one of the more excruciating debates of modern business.

At this point the Handa hospital is just about back to normal, barring apologies and incident reports. But for two months at the end of last year, it was paralysed — unable to accept new patients and perform other basic functions after a ransomware attack targeting the extortionists’ sweet spot of medical records.

The assault on a stretched rural Japanese hospital during a pandemic would, under any circumstances, offer a chilling reminder of how unrepentant ransomware gangs are in pursuit of a payday. As a decade of rapidly rising attacks has shown (reported incidents more than doubled in the UK between 2020 and 2021), no company or institution is off limits, no weakness unexploitable, no threatened collateral harm too pitiless.

The medical, educational, infrastructure, legal and financial industries are favourite targets precisely because the stakes are so high and the threats so agonising. They are also getting more sophisticated. The average time spent inside a company’s network before a ransom demand is made is rising. The additional time, say former GCHQ officials in bleak briefings on the issue, is spent honing the most acutely painful threat.

The scale of financial carnage, too, continues to surge. In its 2021 report, IBM Security calculated that, globally, the average cost of a ransomware breach had hit a record $4.62mn — a figure that did not even include the ransom payment, which some experts reckon are handed over in at least a third of cases.

But the Handa incident, say cyber-ransom negotiators at Nihon Cyber Defence (NCD) — an agency that advises the Japanese government and whose team includes the founding head of the UK’s National Cyber Security Centre — underscores an…