One-third of Japanese Companies Report Incidences of Cyber-Assaults in Survey Results
A recent survey by Teikoku Databank has revealed a significant increase in cyberattacks on Japanese companies, with distinct patterns emerging across various company sizes and industries.
The survey, conducted online and aimed at 26,389 companies nationwide, received 10,645 valid responses. It found that in the past month, 6.7% of all surveyed companies experienced a cyberattack, with approximately one-third (32.0%) of Japanese companies reporting experiencing such an attack. Small and medium-sized firms, in particular, had a higher rate of cyberattacks (28.1%) compared to large companies (30.3%).
Small and medium-sized enterprises (SMEs) are notably vulnerable, especially to ransomware attacks. In the first half of 2022, SMEs suffered 59 ransomware incidents, highlighting their exposure due to potentially weaker cybersecurity defenses. Large companies also face considerable attacks, with 36 ransomware incidents recorded in the first half of 2022.
The survey did not provide information about the measures taken by the affected companies to prevent or respond to cyberattacks. However, it is clear that the financial impact of these attacks can be severe. The average cost of a data breach for Japanese companies increased from $2 million in 2019 to $2.7 million in 2020.
Ransomware attacks have surged, with 545 incidents reported globally in May 2025 alone, a consistent upward trend. Japanese firms are part of this global increase, with ransomware groups like Akira, Qilin, and SafePay being active.
Attackers are increasingly exploiting vulnerabilities such as CVE-2025-31324 in SAP environments and using sophisticated malware like Skitnet for stealthy data theft, indicating more complex and targeted attacks on companies with critical IT infrastructure.
The survey did not specify the timeframe for the cyberattacks. However, fiscal year 2024 saw over 21,000 personal information breaches in Japan—a 58% increase from the previous year—indicating widespread exposure of personal and corporate data across industries.
Certain industries appear to be more targeted than others. Professional goods & services, consumer goods, and manufacturing sectors have been targeted frequently in ransomware attacks globally in 2025, including Japan. Banking and financial services have also been a focus, with banking fraud losses exceeding 8.7 billion yen in 2023 in Japan. Healthcare companies and educational institutions have also been victims of ransomware and data breaches. Government organizations are also targeted, with 93 confirmed ransomware attacks in H1 2025.
In conclusion, Japanese companies of all sizes face a rising tide of cyberattacks, with ransomware as the most prominent threat, especially impacting SMEs and industries like manufacturing, consumer goods, professional services, finance, healthcare, and government sectors. Attackers are adopting more sophisticated methods, exploiting known vulnerabilities, and causing significant financial and reputational damage. It is crucial for companies to strengthen their cybersecurity defenses and respond effectively to these threats to protect their assets and maintain the trust of their customers and stakeholders.
- The survey reveals that a significant number of Japanese businesses, particularly small and medium-sized enterprises (SMEs), have suffered from cyberattacks, with ransomware being a major concern due to potentially weaker cybersecurity defenses.
- In addition to SMEs, large companies in Japan also experienced ransomware attacks, indicating that all businesses, regardless of size, need to strengthen their cybersecurity defenses to protect against the rising tide of cyberattacks and the severe financial impact they can have.
