Jump to content

2024 cyberattack on Kadokawa and Niconico

Edit links
From Wikipedia, the free encyclopedia
(Redirected from 2024 Kadokawa cyberattack)

2024 cyberattack on Kadokawa and Niconico
Kadokawa's temporary website after the attack.
DateJune 8, 2024 – present
LocationJapan
TypeCyberattack, Data breach, Ransomware attack
TargetNiconico, Kadokawa Group's websites
SuspectsBlackSuit

On the morning of June 8, 2024, Kadokawa's website and the Japanese video-sharing platform Niconico, suffered a ransomware cyberattack by a Russian-linked hacker group called BlackSuit who claimed responsibility for the attack.[1]

Background[edit]

Niconico is a Japanese video-sharing platform launched in 2006. Niconico's owner, Dwango, is a subsidiary of Kadokawa Corporation.[2] According to Alexa Internet, the site is the 14th most visited website in Japan as of May 1, 2022.[3]

On June 3, 2021, Kadokawa Taiwan reported a cyberattack leaking personal and corporate information.[4]

Two days after the initial attack, Wired noted that ransomware is getting more problematic in 2024, stating that ransomware attacks are "accelerating in 2024".[5]

Japan's cyber security has been criticized for lacking IT expert specialists, with about 90% of domestic companies having none according to a think tank survey.[6] One day before the initial attack, Japanese prime minister Fumio Kishida ordered his minister to craft a bill boosting Japan's "active cyber defense".[7]

Summary[edit]

BlackSuit's statement

A connection problem with Kadokawa Group services including Niconico was reported from around 3:30 (JST) on June 8, 2024. Dwango stopped all Niconico services with issues at around 6:00 (JST) on the same day and conducted maintenance.[8][9]

On June 9, Kadokawa reported the incident to the police, expert specialists, and the Kanto Local Finance Bureau. On June 14, upon investigation, Kadokawa confirmed that the outage was caused by a ransomware cyberattack, and it was also found that despite remotely shutting down the website's services, the attackers were observed restarting the servers to continue to spread the malware; in response, Kadokawa physically disconnected the servers power and communication cable.[10] On the same day, Niconico set up a temporary website detailing the situation.[2]

On June 27, the Russian-linked hacker group "BlackSuit" published a statement on the dark web claiming responsibility for the attack and threatening to publish the 1.5 terabytes of stolen data of business partners and user information unless a ransom was paid by July 1st.[11][12][1]

As of July 2, Niconico and Kadokawa's official website services remain suspended.[2]

On July 10, Kadokawa release a statement warning the public that disseminating any leaked information from the data breach will result in legal action.[13]

Impact[edit]

Niconico announced that all their scheduled programming would be canceled until the end of July.[2]

During this attack, Kadokawa's stock price declined, and by July 3, Kadokawa's stock price had dropped by over 20%.[14]

Kadokawa Dwango Gakuen [ja], a private correspondence high school owned by Kadokawa was affected by the attack but restored its services on June 10.[10]

See also[edit]

References[edit]

  1. ^ a b NEWS, KYODO (June 28, 2024). "Russia-linked group claims cyberattack on Japanese video site niconico". Kyodo News+. Archived from the original on June 29, 2024. Retrieved July 8, 2024.
  2. ^ a b c d Hazra, Adriana (July 2, 2024). "Niconico Remains Offline After Kadokawa Cyber Attack, No Customer Information Leaks, Publishing at 'One-Third' of Normal Rate". Anime News Network. Archived from the original on July 4, 2024. Retrieved July 8, 2024.
  3. ^ "Alexa - Top Sites in Japan". Alexa Internet. Archived from the original on May 1, 2022. Retrieved July 8, 2024.
  4. ^ Cambosa, Teddy (June 9, 2024). "Kadokawa Investigates Suspected Cyber Attack as Several Services Go Offline". Anime Corner. Archived from the original on June 9, 2024. Retrieved July 8, 2024.
  5. ^ Pearson, Jordan (June 10, 2024). "Ransomware Is 'More Brutal' Than Ever in 2024". Wired. Archived from the original on July 6, 2024. Retrieved July 8, 2024.
  6. ^ "Editorial: Japan needs to review cyberattack countermeasures as hackers target firms". Mainichi Daily News. July 10, 2024. Retrieved July 10, 2024.
  7. ^ "Japan PM vows to boost 'active cyber defense' to prevent cyberattacks". Mainichi Daily News. June 7, 2024. Archived from the original on June 12, 2024. Retrieved July 10, 2024.
  8. ^ "KADOKAWA、ランサムウェアなどで攻撃 ニコニコは「1から作り直すような規模の作業が必要」". ASCII.jp (in Japanese). June 14, 2024. Retrieved July 8, 2024.
  9. ^ Cayanan, Joanna (June 9, 2024). "Kadokawa Posts Statement After Suspected Cyber Attack (Updated)". Anime News Network. Archived from the original on July 1, 2024. Retrieved July 8, 2024.
  10. ^ a b Tai, Anita (June 16, 2024). "Cyber Attack Delays Kadokawa's Releases, Accounting With Niconico Expected to Stay Offline for 1 Month or More". Anime News Network. Archived from the original on July 1, 2024. Retrieved July 8, 2024.
  11. ^ Jiji (July 3, 2024). "Hackers behind Kadokawa cyberattack claim new info leak". The Japan Times. Archived from the original on July 3, 2024. Retrieved July 8, 2024.
  12. ^ Sudo, Tatsuya (July 2, 2024). "More Kadokawa data leaked as deadline for ransom passes". The Asahi Shimbun. Archived from the original on July 3, 2024. Retrieved July 8, 2024.
  13. ^ "KADOKAWA、個人の情報"不正"発信行為に「法的措置の準備を進めております」". Oricon (in Japanese). July 10, 2024. Retrieved July 10, 2024.
  14. ^ "KADOKAWA漏えい影響拡大 書籍出荷が滞り、株価2割下落 | 共同通信". 共同通信 (in Japanese). July 3, 2024. Retrieved July 8, 2024.

External Link[edit]

Retrieved from "https://wiki.riteme.site/w/index.php?title=2024_cyberattack_on_Kadokawa_and_Niconico&oldid=1234284816"