Risky Bulletin: Japan Passes Active Cyber Defense Law
Hosted by Patrick Gray on Risky Business
Release Date: May 19, 2025
Introduction
In the latest episode of Risky Bulletin, host Patrick Gray delivers a comprehensive update on significant developments in the cybersecurity landscape. Filling in for Claire Aird, Gray navigates through a myriad of critical topics, ranging from legislative changes in Japan and the Netherlands to high-profile cyber incidents involving major corporations and government entities.
Japan's New Active Cyber Defense Law
One of the episode's focal points is Japan's groundbreaking legislation in the realm of cyber defense. Japan has enacted a new law empowering authorities to proactively disrupt imminent cyber attacks. Patrick Gray highlights the key facets of this law:
- Preemptive Measures: "Japan has passed a new active cyber defense law that allows authorities to preemptively disrupt imminent cyber attacks," Gray explains ([00:04]).
- Role of Police and Self-Defense Forces: The law designates police cyber units to handle immediate threats, while the Self-Defense Forces are mobilized for more sophisticated attacks.
- Mandatory Reporting and Monitoring: Critical sector operators are now required to report breaches to the government. Additionally, the law grants the government the authority to monitor and analyze internet traffic traversing Japan.
This legislative move signifies Japan's commitment to bolstering its cyber defense mechanisms in response to the escalating threat landscape.
Netherlands Criminalizes Cyber Espionage
Shifting focus to Europe, the Netherlands has introduced stringent measures against cyber espionage:
- Legal Ramifications: Under the new law, individuals engaged in cyber espionage for foreign governments face up to 12 years in prison.
- Scope of the Law: Effective from last week, the legislation applies to both Dutch citizens and foreign nationals residing within the country.
Gray underscores the significance of this development by stating, "The Netherlands has passed a law criminalizing cyber espionage, marking a pivotal step in international cybersecurity enforcement." ([00:04])
Pentagon's Brief Pause on Offensive Cyber Operations Against Russia
In U.S. cybersecurity news, there has been a contentious revelation regarding the Pentagon's stance on cyber operations targeting Russia:
- Temporary Cessation: Defense Secretary Pete Hegseth reportedly ordered a halt to offensive cyber operations against Russia in February, shortly after his appointment.
- Contradictory Statements: Republican Congressman Don Bacon, chair of the House Armed Services Cyber Subcommittee, claims the pause lasted only one day. However, this assertion conflicts with Pentagon sources, which have denied issuing such an order.
Gray notes the uncertainty surrounding this issue, highlighting the conflicting narratives between military officials and congressional representatives.
British Telco O2's Data Leak Due to 4G Network Misconfiguration
A critical vulnerability has been uncovered within the UK's O2 telecommunications network:
- Data Exposure: A misconfiguration in O2’s 4G network allows individuals who call an O2 subscriber via voice over LTE to access raw data, including IMEI and IMSI codes, along with cell tower details.
- Potential Exploits: Mobile app developer David Wheatley points out that this data can be exploited to fingerprint devices and geolocate users based on their phone numbers.
- O2's Response: Despite Wheatley reporting the issue, O2 has yet to respond, raising concerns about the company's security protocols.
Gray emphasizes the risks associated with such vulnerabilities, stating, "The misconfiguration means attackers can potentially fingerprint devices and pinpoint user locations, posing significant privacy threats." ([00:04])
Procolored's UV Printers Compromised with Malware
Cybersecurity vigilance is underscored by a recent incident involving Procolored’s UV printers:
- Malware Bundling: These printers were shipped with bundled software containing a Remote Access Trojan (RAT) and a cryptocurrency clipboard stealer.
- Discovery and Mitigation: The malicious software was identified by YouTube's Serial Hobbyism channel and security firm GData, prompting Procolored to remove the compromised software from their website.
- Unclear Origins: The source and duration of the malware’s presence in the software remain unknown, though GData reports that malicious activity ceased in March of the previous year.
Gray comments on the incident, noting, "It's unclear how the malware was introduced, highlighting the importance of rigorous software supply chain security." ([00:04])
Cyber Attack on a Russian Hospital by Pro-Ukrainian Hacktivists
International cyber conflicts continue to pose threats to critical infrastructure:
- Attack Details: The Licado clinic in Shuvashir, Russia, was targeted by the hacktivist group 4B 1D, resulting in the encryption of over 100 workstations and databases.
- Claim of Responsibility: In a Telegram post, 4B 1D claimed responsibility, stating, "We wiped five servers and encrypted more than 100 workstations and databases." ([00:04])
- Official Response: Russian authorities are investigating the hospital for inadequate IT security and failure to disclose the breach promptly.
Gray reflects on the implications, remarking, "This attack underscores the vulnerability of healthcare institutions to politically motivated cyber assaults." ([00:04])
UK’s NHS Appeals for Enhanced Cybersecurity from Suppliers
In response to rising ransomware attacks, the UK's National Health Service (NHS) is taking proactive measures:
- Open Letter to Contractors: The NHS has urged hospital suppliers to bolster their cybersecurity defenses by:
  - Keeping systems updated
  - Deploying regular backups
  - Implementing multi-factor authentication
  - Enhancing monitoring and logging protocols
- Context: This appeal comes after several UK hospitals experienced ransomware breaches via compromised suppliers.
Gray highlights the importance of supply chain security, stating, "Ensuring that all partners adhere to stringent cybersecurity practices is vital for protecting the healthcare sector." ([00:04])
Global Considerations on Social Media Restrictions for Children
The conversation extends to the intersection of cybersecurity and social policy:
- Proposed Age Restrictions: Greece, France, Ireland, and Spain are advocating for an EU-wide ban on social media usage by children under 15.
- International Precedents: Australia has already implemented a ban for children under 16, with New Zealand contemplating similar measures.
Gray notes the growing concern over the impact of social media on youth, emphasizing the need for coordinated policy efforts across nations.
Notable Cybercrime Cases and Sentences
The episode also delves into several high-profile cybercrime cases:
- Alabama Man Sentenced for SEC Twitter Hack
  - Eric Council Jr. received 14 months in prison for hijacking the SEC’s Twitter account through SIM swapping.
  - His false announcement regarding Bitcoin ETFs caused a temporary spike in Bitcoin prices before the scam was exposed.
- Australian Hacker David Key Crees Sentenced in the US
  - Known as Dr.32, Crees admitted to hacking seven American organizations between 2020 and 2021.
  - He was sentenced to time served after cooperation with authorities.
- Cryptocurrency Theft by a US Gang
  - Twelve individuals have been charged in connection with the theft of over $260 million in cryptocurrency.
  - The operation, led by Malone Lam, primarily targeted a single victim, with most suspects arrested in California and two still at large in Dubai.
Gray underscores the severity and international scope of these cybercrimes, highlighting the challenges in prosecuting and extraditing offenders.
Volkswagen Addresses Mobile App Vulnerabilities
Concluding with corporate cybersecurity measures, Volkswagen has rectified multiple vulnerabilities in its mobile application:
- Previous Risks: The app previously exposed sensitive information, including car ownership details, service history, and user location.
- Discovery and Resolution: Security researcher Vishal Bhaskar identified the flaws, collaborating with Volkswagen to implement necessary fixes.
Gray remarks on the importance of proactive security assessments, stating, "Volkswagen's swift action to patch these vulnerabilities ensures the protection of their users' personal data and maintains trust in their services." ([00:04])
Conclusion
Patrick Gray's Risky Bulletin episode provides a thorough overview of recent and impactful events in the cybersecurity domain. From legislative advancements and corporate vulnerabilities to high-stakes cybercrime cases, the episode encapsulates the dynamic and ever-evolving nature of cybersecurity threats and responses. For those seeking to stay informed on critical cybersecurity updates, this bulletin serves as an indispensable resource.
Notable Quotes
- “Japan has passed a new active cyber defense law that allows authorities to preemptively disrupt imminent cyber attacks.” — Patrick Gray ([00:04])
- “The misconfiguration means attackers can potentially fingerprint devices and pinpoint user locations, posing significant privacy threats.” — Patrick Gray ([00:04])
- “It's unclear how the malware was introduced, highlighting the importance of rigorous software supply chain security.” — Patrick Gray ([00:04])
- “This attack underscores the vulnerability of healthcare institutions to politically motivated cyber assaults.” — Patrick Gray ([00:04])
- “Ensuring that all partners adhere to stringent cybersecurity practices is vital for protecting the healthcare sector.” — Patrick Gray ([00:04])
- “Volkswagen's swift action to patch these vulnerabilities ensures the protection of their users' personal data and maintains trust in their services.” — Patrick Gray ([00:04])
