Nikkei hit with cyberattack anew

Image courtesy of Towfiqu Barbhuiya

Another cyberattack has rocked media giant Nikkei, this time over at Singapore— the headquarters of its Asian unit.

The ransomware attack involved one of the servers of Nikkei Group Asia. Said server was immediately shut down following detection of unauthorised access on May 13, Nikkei said in a statement.

While no data leak has been confirmed so far, Nikkei said the affected server “likely contained customer data.” 

Nikkei and its Nikkei Group Asia unit have already informed data protection authorities in Japan and SIngapore, as Nikkei is in the process of determining the scope of the attack.

This recent Nikkei data breach should shake enterprises to action against the growing sophistication of cyber criminals, noted Joanne Wong, Vice President, International Markets at LogRhythm.

“The most recent attack on Nikkei Group’s Asia headquarters in Singapore serves as an important reminder that even previous targets of cyberattacks are not spared from being targeted again,” Wong said.

Back in 2019, an employee of Nikkei’s United States unit fell prey to scammers, unwittingly transferring US$29 million of Nikkei America funds to a Hong Kong bank account.

Wong also found assurance that no customer data has been affected, as per Nikkei.

“It would be even more assuring to conclude for certain that there has indeed been no compromise of customer data, once the investigations are completed. On the upside, what’s commendable is how Nikkei immediately reported the incident to the relevant authorities upon discovery of unauthorised access to their server on May 13. We believe that sharing of threat information will ultimately help thwart similar attacks, and possibly expedite identification of the attackers too,” she said.

Apart from just having the capability to detect data breaches, Wong advocated for swift response protocols to cyberattacks.

“One way to do so is via automation. For example, businesses could look into equipping themselves with the capability to detect malicious/out-of-the-ordinary behaviour, which also instantaneously enables network infrastructure to block access attempts. Additionally, patching aggressively, creating backups, preparing a response plan, and prioritising educational training can be crucial to protecting valuable data and ensuring business continuity,” she said.