The Japanese government will reportedly introduce new regulations across 44 sectors to bolster national cyber defence, partly in response to the Colonial Pipeline hack that occurred last week.
The government plans to amend various laws governing each sector through passing an all-encompassing motion and a new law requiring each sector to be conscious of national security risks, Nikkei said in a report.
The sectors that are expected to see the legislative changes include telecommunications, electricity, finance, railroads, government services, and healthcare, among others. Specifically, these sectors will reportedly be required to look into issues stemming from the use of foreign equipment or services, including cloud data storage and connections to servers located overseas.
The government will also reportedly monitor companies for compliance and gain the power to prevent companies from using foreign equipment if they detect any major issues.
Detailed standards will likely be outlined in future government ordinances and guidelines as well.
Three years ago, Japanese government agencies agreed to stop procuring equipment that could pose national security risks, such as those from Huawei and ZTE. With the latest mandate, the Japanese government now wants to extend that level of stringency to the private sector.
The move comes a week after Colonial Pipeline — one of America’s largest pipeline operators that provides roughly 45% of the country’s east coast fuel — suffered a ransomware attack. Due to the cyber attack, the company had to temporarily close down its operations, freeze IT systems to isolate the infection, and pay close to $5 million to decrypt locked systems.
During the same week of the Colonial Pipeline hack, the culprits of the ransomware attack also hit Toshiba, although the impact of the ransomware attack was primarily in Europe rather than domestically.
Other countries, like the US, have already imposed similar restrictions on tech-related procurement. In the US, companies — both domestic and foreign — are required to gain licensing approval in order to purchase technology built by Huawei and ZTE or sell goods to those Chinese companies if they contain certain US technology.
North of the border, Canadian telcos have also effectively blocked Huawei out of their 5G network builds by signing deals with the Chinese giant’s rivals instead. The Chinese network equipment provider is also banned in Australia and Sweden, and it has not made inroads in New Zealand after GCSB prevented Spark from using Huawei kit in November 2018.
Meanwhile, UK mobile networks have been told they cannot buy any more 5G equipment from Huawei after the end of this year, and that they must remove the Chinese networking company’s technology from their 5G networks by the end of 2027.