Japan's Board of Audit says appropriate security measures have not been taken for 58 information systems in use by 12 government offices, such as failure to update software.
The board made the finding after examining security measures on 356 information systems used by 40 government offices, which include both central government offices and their regional branches. System operation and maintenance work had been performed on the systems in the three years up to fiscal 2023.
It also found that access records had not been kept for 102 systems utilized by 19 government offices, leaving them unable to take countermeasures in the event of unauthorized access.
Information systems used by central government offices and their regional branch offices are supposed to be registered at the Digital Agency. But the board found that 137 systems, or about 40 percent of those examined, were not.
The board said that security measures in unregistered systems were found to be more insufficient than in registered ones.
There are reportedly more than 200 cases of cyberattacks a year on central government offices and their regional branches.
The board says that as the central government is expected to ensure fail-safe information security, it will monitor whether appropriate security measures are being taken at government offices.
Japan's public institutions have often been the targets of cyberattacks.
In 2015, about 1.25 million cases of personal data were leaked from the information system of the Japan Pension Service following an unauthorized access.
In 2022, the Osaka General Medical Center temporarily suspended almost all services following a cyberattack on its electronic medical record system.
In the following year, operations of container terminals at the port of Nagoya were disrupted by ransomware, forcing container loading and unloading to stop and massively hindering distribution of goods.
----------------
Quiz 1:
According to the article, how many information systems used by government offices were examined?
A. 200
B. 356
C. 400
D. 500
[Answer block]
Answers:
Quiz 1: B
Quiz 2:
In which fiscal year did system operation and maintenance work last occur on the systems under examination?
A. Fiscal 2024
B. Fiscal 2023
C. Fiscal 2022
D. Fiscal 2021
[Answer block]
Answers:
Quiz 2: B
Quiz 3:
What percentage of the information systems examined were not registered at the Digital Agency?
A. More than 50%
B. Approximately 40%
C. About 30%
D. Less than 20%
[Answer block]
Answers:
Quiz 3: B
The board made the finding after examining security measures on 356 information systems used by 40 government offices, which include both central government offices and their regional branches. System operation and maintenance work had been performed on the systems in the three years up to fiscal 2023.
It also found that access records had not been kept for 102 systems utilized by 19 government offices, leaving them unable to take countermeasures in the event of unauthorized access.
Information systems used by central government offices and their regional branch offices are supposed to be registered at the Digital Agency. But the board found that 137 systems, or about 40 percent of those examined, were not.
The board said that security measures in unregistered systems were found to be more insufficient than in registered ones.
There are reportedly more than 200 cases of cyberattacks a year on central government offices and their regional branches.
The board says that as the central government is expected to ensure fail-safe information security, it will monitor whether appropriate security measures are being taken at government offices.
Japan's public institutions have often been the targets of cyberattacks.
In 2015, about 1.25 million cases of personal data were leaked from the information system of the Japan Pension Service following an unauthorized access.
In 2022, the Osaka General Medical Center temporarily suspended almost all services following a cyberattack on its electronic medical record system.
In the following year, operations of container terminals at the port of Nagoya were disrupted by ransomware, forcing container loading and unloading to stop and massively hindering distribution of goods.
----------------
Quiz 1:
According to the article, how many information systems used by government offices were examined?
A. 200
B. 356
C. 400
D. 500
[Answer block]
Answers:
Quiz 1: B
Quiz 2:
In which fiscal year did system operation and maintenance work last occur on the systems under examination?
A. Fiscal 2024
B. Fiscal 2023
C. Fiscal 2022
D. Fiscal 2021
[Answer block]
Answers:
Quiz 2: B
Quiz 3:
What percentage of the information systems examined were not registered at the Digital Agency?
A. More than 50%
B. Approximately 40%
C. About 30%
D. Less than 20%
[Answer block]
Answers:
Quiz 3: B
Similar Readings (5 items)
summary of Japan audit board finds security shortcomings in government information systems
summary of Japan audit board finds security shortcomings in government information systems
Japan's Digital Agency inspected over My Number ID system errors
Japanese audit finds flaws in aid projects in Fiji
Summary: Japan Board of Audit: Over 54 bil. yen improperly paid for COVID, other measures
Summary
The Board of Audit discovered inadequate security measures for 58 information systems used by 12 government offices in Japan, with software updates neglected. After examining 356 systems across 40 offices, it found that access records were missing for 102 systems and that many unregistered systems
Statistics
397
Words1
Read CountDetails
ID: 1563caae-ce03-4bdb-9c78-ec0bce0a9d18
Category ID: nhk
URL: https://www3.nhk.or.jp/nhkworld/en/news/20250912_16/
Date: Sept. 12, 2025
Created: 2025/09/13 07:02
Updated: 2025/12/08 02:10
Last Read: 2025/09/13 14:25