Japan's largest mobile carrier says cyberattack disrupted some services

Japan’s largest mobile carrier, NTT Docomo, reported that it is working to restore services after a cyberattack temporarily disrupted operations on Thursday.

The Tokyo-based company said in a statement that its system was targeted by a distributed denial-of-service (DDoS) attack, which floods a network with junk traffic from multiple sources, rendering some services unavailable.

From early Thursday morning until late afternoon, local users were unable to access NTT Docomo’s news website, video streaming platform, mobile payment and webmail services and a golf enthusiasts' website. The company reported that access to most services had been restored, although some content updates might still face delays.

NTT Docomo hasn’t attributed the incident to any specific threat actor. In 2023, the company fell victim to a ransomware attack claimed by the notorious gang Ransomed.vc. The group  claimed it was planning to shut down its operation after the alleged arrest of six affiliates in 2023.

NTT Docomo has become one of the latest Japanese companies targeted in a series of cyberattacks in recent months. Earlier in December, Japan’s flag carrier, Japan Airlines (JAL), said an incident delayed some domestic and international flights. The company said part of its system experienced a “surge in traffic,” suggesting a DDoS incident. 

Last month, Japan’s major non-life insurance company, Mitsui Sumitomo Insurance, reported that one of its third-party vendors had been breached by an unnamed ransomware group. The attack could result in the exposure of personal information belonging to thousands of policyholders, according to local media reports.

Earlier last year, it was reported that a major Japanese media company known for producing manga, anime, and video games, Kadokawa, allegedly paid nearly $3 million to Russia-linked hackers known as BlackSuit following a data breach.

In October, Japanese watchmaker Casio warned customers of delivery delays after a ransomware attack. The incident was claimed by the ransomware gang known as Underground.

Other Japanese companies recently dealing with cyberattacks include electric motor manufacturer Nidec, automotive parts manufacturer Yorozu, and the research and development organization Monohakobi.

Japan’s major financial institutions, including Mitsubishi UFJ Bank, Resona Bank, and Mizuho Bank, also experienced disruptions in internet banking services due to alleged cyberattacks, according to local media reports.