Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations The Record from Recorded Future News

pppLeadershipppCybercrimeppNationstateppElectionsppTechnologyppCyber DailyppClick Here Podcastpp Free Newsletterpp Japan on Friday enacted a new law that would permit the countrys authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage pp The new law which was first mooted in 2022 is intended to help Japan strengthen its cyber defense to a level equal to major Western powers and marks a break from the countrys traditional approach to cyber defense which had tracked closely to its Article 9 constitutional commitment to pacifism pp The new Active Cyberdefense Law mirrors recent reinterpretations of Article 9 providing Japans SelfDefence Forces with the right to provide material support to allies under the justification that failing to do so could endanger the whole of the country pp It explicitly allows law enforcement agencies to infiltrate and neutralize hostile servers before any malicious activity has taken place and to do so below the level of an armed attack against Japan while the SelfDefence Forces will take responsibility for tackling particularly sophisticated incidents pp The new law is intended to enable Japan to identify and respond to cyber attacks more quickly and effectively according to Yoshimasa Hayashi Japans chief cabinet secretary who added on Friday that it would help Tokyo equal or exceed the cyber capabilities of major European countries and the US pp The law also provides the Japanese government with the power to analyze foreign internet traffic either entering the country or just transiting through it although the government has stressed it will not be collecting or analyzing the contents of this traffic as reported by Kyodo News pp Similar to many countries which provide statutory protections for citizens communications Japans efforts to tackle cyberattacks have caused controversy over the potential infringement on Article 21 of the countrys constitution pp The new law will not allow the government to collect and analyze internet traffic generated domestically The Japanese government has argued that most of the cyberattacks the country faces originate from international sources pp Japan is also to set up an independent oversight panel that will give prior authorization to all acts of data collection and analysis as well as for offensive operations intended to target attackers servers pp The Financial Times reported that financiallymotivated and statesponsored attacks targeting the country were at an alltime high according to a National Police Agency report and government advisers pp In 2023 it was reported that suspected Chinese hackers breached Japans cybersecurity agency and potentially accessed sensitive data stored on its networks for nine months before being discovered pp That followed a report by the Washington Post that the US National Security Agency discovered Chinese military hackers had compromised Japans defense networks back in 2020 described as one of the most damaging hacks in Japans history pp Last week the countrys financial regulator disclosed that 2 billion in unauthorized stock market trades over online trading platforms had been conducted by hackers ppAlexander Martinppis the UK Editor for Recorded Future News He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research InitiativeppPrivacyppAboutppContact Uspp Copyright 2025 The Record from Recorded Future Newsp