Japan's plan to start offensive cyber operations is the latest development in its work toward 'proactive cyber-defense'.
Cyber attacks are indeed a critical concern for Japan. In 2025, the country weathered 226 cases of damage from ransomware attacks alone. One ransomware attack on Asahi Group Holdings, a large beverage and food company, resulted in an estimated JPY5 billion ($31.4 million USD) in lost revenue and JPY2 billion ($12.6 million USD) in lost profit. Phishing scams also grew to a record high of over 2,450,000 cases in 2025. To make matters worse, an audit on Japan’s government discovered that nearly 60 critical systems had inadequate security controls and management.
Japan’s decision to allow “proactive cyber-defense” is one apparent effort to limit the damage of these cyberattacks, and has been discussed for a while. In May 2025, the country enacted an Active Cyberdefense Law, which laid the legal groundwork for Tuesday’s actions. The law gave the government the authority to infiltrate and defuse hostile servers before an attack even occurs. This made headlines for differing from Japan’s traditional stance, prioritizing defense over offense, and also for triggering larger conversations about privacy. Internet traffic, metadata, and IP addresses involved in communications between foreign countries and Japan (or vice versa) may also be monitored and investigated under the new law.
In the press conference, Secretary Kihara addressed concerns about the violation of privacy with the more proactive cybersecurity stance: “In the cyber measure enhancement [...], there are some specific requirements and procedures, conditions, so that we can [have] correct mechanical information about [...] cyber attack sources. The Cyber Management Committee carries out the inspection, examination … we pay due respect to the privacy and the safe implementation of the measure.” The Active Cyberdefense Law will not go into effect until 2027, but Japan plans to start offensive cyber operations as soon as October 1, 2026.
The decision to start these operations sooner rather than later was likely influenced by the United States-Israel war on Iran, a conflict fought in the cyber domain as much as it is on land. Since the war began, there has been a notable uptick in malicious cyber activity in retaliation for US-Israel actions. Akami reportedly found a 245% increase in cybercrime in North America, Europe, and parts of Asia-Pacific since the first attack on Iran at the end of February. The most targeted industries - banking, fintech, and e-commerce - were subject to malicious traffic with IPs from Iran, Russia, and China, by “geopolitically motivated hacktivists” who rely on proxy services from Russia and China to attack.
Japan’s turn toward offensive cyber activity is not particularly unique on the global stage, either. The US has admitted to cyber offensive campaigns on Venezuela’s government, and President Trump’s new Cyber Strategy commits to deploying “the full suite of U.S. government defensive and offensive cyber operations”. China has been accused of launching cyber espionage campaigns against the US and Australia. Russia has similarly been accused of sponsoring (and conducting) attacks on countries in Europe. Though Russia, China, and Iran are most suspected of sponsoring cyber operations, 34 countries, including the UK and Canada, have been suspected of doing the same, albeit on a smaller scale, since 2005.
Japan’s plans for offensive cyber operations may be in the headlines again as the country works with the US to address issues arising from the war on Iran. On March 19th, 2026, Trump met with Japan’s Prime Minister Sanae Takaichi. Though Japan agreed with other countries asking for an “immediate comprehensive moratorium on attacks on civilian infrastructure, including oil and gas installations”, Trump shared that he believed Japan is “really stepping up to the plate, yes - unlike NATO,” to help open the Strait of Hormuz. As the situation continues, it’s not impossible that Japan’s support may come in the form of cyber operations the government has recently deemed acceptable.