TOKYO -- Police across Japan received 146 consultation requests from companies and organizations over ransomware attacks in 2021, the National Police Agency (NPA) announced on Feb. 10.
Broken down by half-year terms, police saw 85 consultation requests between July and December 2021, a nearly 40% increase from the 61 cases in the year's first half. It was also four times the 21 cases recorded in the first half of 2020. The NPA believes the attacks, where the perpetrator uses a virus to encrypt the data on a company's or institution's computer system and then demands a ransom to decrypt it again, are spreading as tactics become increasingly sophisticated.
Of the 146 queries in 2021, 79 came from small- to mid-size firms, 49 from large companies and 18 from organizations including medical corporations. Broken down by industry, manufacturers made up the largest proportion at 55 cases, followed by wholesale and retail at 21. Seven cases came from the medical and welfare field, and of those, five from hospitals. Police received ransomware-related calls in 33 prefectures.
Meanwhile, in 41 cases of the 146, culprits behind the attacks demanded that the ransom be paid in either the bitcoin or monero cryptocurrencies, highlighting abuse of the anonymity offered by virtual currency. Four cases involved ransom demands in U.S. dollars. All the ransom letters that could be confirmed were in English. Eighty-two cases involved secondary attacks, where culprits threaten to leak the victim's in-house data on the internet unless further payments are made.
The NPA surveyed the firms and organizations targeted in ransomware attacks. Among the 76 valid responses regarding viral infection routes, 41 said the virus could be traced back to a virtual private network, or VPN, used for remote work and other communications purposes. Fifteen cases involved remote desktops, which allow users to control computers from outside the office.
Meanwhile, among 108 valid responses on the impact of the attacks, 52 respondents (some 48%) took at least one week to recover. Among 97 valid responses on financial losses, in 42 cases (some 43%), the targets spent at least 10 million yen (about $86,100) on investigation and recovery efforts.
(Japanese original by Naritake Machida, Tokyo City News Department)