Cyber Incident Victim: Ministry of Health, Labour and Welfare
Date:
Oct 2015
Location:
Japan
Summary
The Japanese Health, Labor and Welfare Ministry's website experienced prolonged inaccessibility following a suspected distributed denial-of-service (DDoS) attack, with officials investigating potential involvement by the hacker group Anonymous based on social media claims. This incident occurred amid heightened cybersecurity concerns following similar attacks on Tokyo 2020 Olympics infrastructure and regional airports, which Anonymous had previously claimed as protests against dolphin hunting practices. Historical context includes prior cyber assaults by the group targeting government entities in opposition to anti-piracy legislation involving internet surveillance. Authorities were working to restore services while examining motives, coinciding with national preparations for enhanced digital security measures ahead of international events.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The website of Japan's Health, Labor and Welfare Ministry became inaccessible starting Friday night on October 21, 2015, and remained down through Saturday afternoon. Ministry officials confirmed the outage and initiated an investigation into its cause, citing a possible distributed denial-of-service (DDoS) attack by the hacker collective Anonymous. This suspicion arose from a Twitter message attributed to Anonymous claiming responsibility for overwhelming the site's servers with excessive traffic to force a shutdown. Technical teams worked to restore website functionality while attempting to verify the attackers' identity and motives. The incident occurred amid heightened cybersecurity alerts by the Tokyo Metropolitan Police, following a similar DDoS attack on November 5 against the Tokyo 2020 Olympics Organizing Committee's website. The Olympics hosting provider had detected abnormal traffic volumes deemed a deliberate attempt to crash servers, prompting a temporary system shutdown. Neither the ministry nor the Olympics committee could confirm Anonymous' involvement in either incident at the time, though investigations were ongoing.
This incident aligned with a pattern of cyberattacks against Japanese entities by Anonymous. On October 10, 2015, the group claimed responsibility for DDoS attacks on Narita and Chubu airports, linking them to protests against Japan's dolphin hunting practices. Earlier, in 2012, Anonymous targeted multiple Japanese government websites—including the Finance Ministry, Supreme Court, and political parties—after the implementation of stricter anti-piracy laws imposing penalties for illegal downloads. These historical attacks often featured server overloads or webpage defacements. The 2015 health ministry outage coincided with Japan's preparations for the World Economic Forum's cybersecurity conference in Okinawa, which focused on protecting critical infrastructure ahead of the 2020 Olympics. Japanese officials had previously announced plans to establish specialized cybersecurity units following the 2012 London Olympics website attacks, emphasizing personnel training and threat monitoring enhancements. The health ministry website restoration timeline and final attribution conclusions were not explicitly detailed in available reports.