Cyber Incident Victim: Fukuoka Prefecture Violence Elimination Movement Promotion Center

On September 7, 2022, multiple Japanese government websites experienced disruptions attributed to cyber-attacks, with the Russia-affiliated hacking group Killnet claiming responsibility. The incidents affected approximately 20 websites across four government ministries and caused login issues on the e-Gov administrative portal operated by Japan’s digital agency. Chief Cabinet Secretary Hirokazu Matsuno confirmed the government was investigating whether a denial-of-service (DDoS) attack caused the outages, which rendered sites inaccessible on the evening of September 6. Services were restored by September 7 following mitigation efforts. Matsuno acknowledged Killnet’s public claim of involvement but emphasized the government’s investigation remained ongoing to confirm the group’s role and the precise attack vector. The e-Gov portal disruptions impacted citizen access to administrative services, though no data breaches or permanent damage were reported.

Threat intelligence analysts, including Check Point’s Sergey Shykevich, assessed Killnet as the likely perpetrator, linking the attacks to Japan’s support for Ukraine during the Russia-Ukraine conflict and historical tensions over the Kuril Islands. The group’s tactics aligned with previous disruptive campaigns targeting nations opposing Russian interests, including DDoS attacks and data theft operations in Italy, Lithuania, Estonia, Poland, and Norway. Shykevich characterized the incidents as intended to cause operational inconvenience rather than severe infrastructure damage. Japanese authorities did not disclose technical specifics of the attacks or confirm whether data was exfiltrated. Restoration efforts concluded within hours, with no reports of prolonged downtime or secondary disruptions. The incident underscored recurring vulnerabilities in public-facing government systems to DDoS campaigns.