Jump to content

2024 cyberattack on Kadokawa and Niconico

Edit links
From Wikipedia, the free encyclopedia
2024 cyberattack on Kadokawa and Niconico
Kadokawa's temporary website after the attack.
DateJune 8, 2024 – present
LocationJapan
TypeCyberattack, Data breach, Ransomware attack
TargetNiconico, Kadokawa Group's websites
SuspectsBlackSuit

On the morning of June 8, 2024, Kadokawa's website and the Japanese video-sharing platform Niconico, suffered a ransomware cyberattack by a Russian-linked hacker group called BlackSuit who claimed responsibility for the attack.[1]

Background[edit]

Niconico is a Japanese video-sharing platform launched in 2006. Niconico's owner, Dwango is a subsidiary of Kadokawa Corporation.[2] According to Alexa Internet, the site is the 14th most visited website in Japan as of May 1, 2022.[3]

On June 3, 2021, Kadokawa Taiwan reported a cyberattack leaking personal and corporate information.[4]

Two days after the initial attack, Wired noted that ransomware is getting more problematic in 2024, stating that ransomware attacks are "accelerating in 2024"[5]

Japan's cyber security has been criticized for lacking IT expert specialist with about 90% of domestic companies having none according to a think tank survey.[6] One day before the initial attack, Japanese prime minister Fumio Kishida ordered his minister to craft a bill boosting Japan's "active cyber defense".[7]

Summary[edit]

BlackSuit's statement

A connection problem with Kadokawa Group services including Niconico was reported from around 3:30 (JST) on June 8, 2024. Dwango stopped all Niconico services with issues at around 6:00 (JST) on the same day and conducted maintenance.[8][9]

On June 9, Kadokawa reported the incident to the police, expert specialists, and the Kanto Local Finance Bureau. On June 14, upon investigation, Kadokawa confirmed that the outage was caused by a ransomware cyberattack and it was also found out that despite remotely shutting down the website's services, the attackers were observed restarting the servers to continue to spread the malware; in return, Kadokawa physically disconnects the servers power and communication cable.[10] On the same day, Niconico set up a temporary website detailing the situation.[2]

On June 27, the Russian-linked hacker group "BlackSuit" published a statement on the dark web claiming responsibility for the attack and threatening to publish the 1.5 terabytes of stolen data of business partners and user information unless a ransom was paid by July 1st.[11][12][1]

As of July 2, 2024, Niconico and Kadokawa's official website services remain suspended.[2]

On July 10, Kadokawa release a statement warning the public that disseminating any leaked information from the data breach will result to a legal action.[13]

Impact[edit]

Niconico announced that all their scheduled programming is canceled until the end of July.[2]

During this attack, Kadokawa's stock price declined and by July 3, Kadokawa's stock price dropped by over 20%.[14]

See also[edit]

References[edit]

  1. ^ a b NEWS, KYODO (June 28, 2024). "Russia-linked group claims cyberattack on Japanese video site niconico". Kyodo News+. Archived from the original on 29 June 2024. Retrieved 8 July 2024.
  2. ^ a b c d Hazra, Adriana (July 2, 2024). "Niconico Remains Offline After Kadokawa Cyber Attack, No Customer Information Leaks, Publishing at 'One-Third' of Normal Rate". Anime News Network. Archived from the original on 2024-07-04. Retrieved 8 July 2024.
  3. ^ "Alexa - Top Sites in Japan". Alexa Internet. Archived from the original on May 1, 2022. Retrieved 8 July 2024.
  4. ^ Cambosa, Teddy (9 June 2024). "Kadokawa Investigates Suspected Cyber Attack as Several Services Go Offline". Anime Corner. Archived from the original on 9 June 2024. Retrieved 8 July 2024.
  5. ^ Pearson, Jordan (June 10, 2024). "Ransomware Is 'More Brutal' Than Ever in 2024". Wired. Archived from the original on 6 July 2024. Retrieved 8 July 2024.
  6. ^ "Editorial: Japan needs to review cyberattack countermeasures as hackers target firms". Mainichi Daily News. 10 July 2024. Retrieved 10 July 2024.
  7. ^ "Japan PM vows to boost 'active cyber defense' to prevent cyberattacks". Mainichi Daily News. 7 June 2024. Archived from the original on 12 June 2024. Retrieved 10 July 2024.
  8. ^ "KADOKAWA、ランサムウェアなどで攻撃 ニコニコは「1から作り直すような規模の作業が必要」". ASCII.jp (in Japanese). June 14, 2024. Retrieved 8 July 2024.
  9. ^ Cayanan, Joanna (June 9, 2024). "Kadokawa Posts Statement After Suspected Cyber Attack (Updated)". Anime News Network. Archived from the original on 2024-07-01. Retrieved 8 July 2024.
  10. ^ Tai, Anita (June 16, 2024). "Cyber Attack Delays Kadokawa's Releases, Accounting With Niconico Expected to Stay Offline for 1 Month or More". Anime News Network. Archived from the original on 2024-07-01. Retrieved 8 July 2024.
  11. ^ Jiji (3 July 2024). "Hackers behind Kadokawa cyberattack claim new info leak". The Japan Times. Archived from the original on July 3, 2024. Retrieved 8 July 2024.
  12. ^ Sudo, Tatsuya (July 2, 2024). "More Kadokawa data leaked as deadline for ransom passes". The Asahi Shimbun. Archived from the original on July 3, 2024. Retrieved 8 July 2024.
  13. ^ "KADOKAWA、個人の情報"不正"発信行為に「法的措置の準備を進めております」". Oricon (in Japanese). July 10, 2024. Retrieved 10 July 2024.
  14. ^ "KADOKAWA漏えい影響拡大 書籍出荷が滞り、株価2割下落 | 共同通信". 共同通信 (in Japanese). 3 July 2024. Retrieved 8 July 2024.

External Link[edit]

Retrieved from "https://en.wikipedia.org/w/index.php?title=2024_cyberattack_on_Kadokawa_and_Niconico&oldid=1233708765"