Japanese entities experienced 114 damage-causing ransomware attack cases in the first half of this year, up 87 percent from the year before, the National Police Agency said Thursday.
Of the reported ransomware cases, in which attackers demanded payment in exchange for restoring access to company data made unavailable via encryption, 59 targeted medium- and small-sized companies and 36 were large corporations. They included 37 manufacturers, 20 service companies and five hospitals, according to the agency.
In one of the cases reported in the six months through June, Toyota Motor Corp. was forced to suspend operations at all 14 of its domestic plants for one day after parts supplier Kojima Industries Corp. was hit by a ransomware attack on Feb. 28.
So-called double-extortion ransomware attacks, in which attackers demand a ransom payment to de-encrypt data they accessed while threatening to disclose the attack publically if the target does not pay up, comprised 53 of the 81 cases in which the police were able to confirm the type of attack.
A survey of targeted companies and organizations showed that in a majority of the 49 cases for which responses were received, victims spent 10 million yen ($70,000) or more investigating the extent of damage and recovering data.
In at least 36 of the 48 cases in which the companies had backed up their data, they were still unable to recover their records.
The agency warns that even backed-up data can be encrypted in attacks, and the damage can go beyond causing company operations to be suspended.
Emotet, a powerful ransomware that spreads through emails containing files and links, was temporarily neutralized in January 2021 in a coordinated operation involving U.S. and European authorities, but it again began causing increased damage from around February, with a new iteration designed to steal credit card information stored online.
The agency said the number of cyberattacks and other suspicious access attempts detected at police internet connection points stood at an average of 7,800.3 per IP address per day, with 70 percent originating in the United States, Britain, China and Russia.
Police forces nationwide have also taken action on 5,889 cases of cybercrimes during the six months, up 492 from the year before, with 233 cases involving alleged violations of the law prohibiting unauthorized computer access.