Japan and ASEAN cooperate on cybersecurity measures
“We believed we had taken the necessary and sufficient measures. However, this attack was advanced and sophisticated beyond what we had anticipated.”Atsushi Katsuki, president and CEO of Asahi Group Holdings, Ltd., a major Japanese beverage and food company, said this at a news conference on November 27, 2025, regarding a system disruption caused by ransomware (a ransom-demanding computer virus).
The system disruption was discovered on September 29.
About 10 days earlier, attackers had breached the group’s network and stolen passwords and administrative privileges needed to access the data centre.
Early on September 29, ransomware attacks were launched simultaneously from servers, encrypting some data and triggering the disruption.
Factory production was unaffected, but the order and shipment systems used to deliver products to customers were hit.
For roughly two months, the Asahi Group relied on “20th-century-style” phone and fax orders, but key products such as beer continued to fail to reach many retailers and restaurants.
A group calling itself “Qilin” has claimed responsibility for the attack.
President and CEO Katsuki stated, “We have not paid the ransom.
Even if we did, full restoration is not guaranteed, and if it became known that we paid, we would be targeted by other attackers as well.”
He added that backups remained intact and that the company could restore the systems on its own, but system normalisation is not expected until February 2026.
Cyberattacks Know No Borders
A major Japanese company “going up in flames” due to ransomware symbolises how defences against cyberattacks are becoming more difficult each year.
Ransomware, now the dominant form of cyberattack, is a computer virus that infiltrates corporate PCs and servers, encrypts data such as internal documents and customer information, and renders it unusable.
It demands money in exchange for restoring the data, and its name combines “ransom” and “software.”
Infection can occur when someone opens an attached file in a phishing email or clicks a link to access a website.
In effect, there are as many entry routes as there are employees’ computers.
Advances in generative AI are erasing language barriers, and phishing emails are now written in polished, natural language with little to give them away.
Kenichi Sakurazawa, managing director of the Japan Cybercrime Control Centre, warned: “If you have not decided in advance whom to report the damage to and where to seek help, you are finished.”
Large companies face the risk of ransomware not only at headquarters but also at overseas branches.
We have entered an era in which cyberattacks know no “borders.”
Southeast Asia, a Prime Target for Cybercriminals
Ransomware, hacktivism (cyberattacks that use hacking techniques for political or social purposes), and AI-driven cyberattacks are rising worldwide.
The Asia-Pacific region is among the areas hit most frequently.
A February 27, 2025, press release by cybersecurity company Check Point Software Technologies Ltd. states that organisations in the Asia-Pacific faced an average of 2,915 attacks per week over the past 6 months, far exceeding the global average of 1,843 attacks per week.
Southeast Asia, often described as the “growth centre of the world,” has experienced rapid development of its digital economy.
However, security measures and workforce development have not kept pace.
This has made the region an “attractive” target for cybercrime groups seeking financial gain by targeting government agencies and companies through hacking, ransomware attacks, data theft, and other methods.
Late in March 2024, a prominent Vietnamese securities firm, VNDIRECT, was hit by a ransomware attack and suspended trading services for about a week.
In early April 2024, PVOIL, a leading petroleum products seller, suffered a ransomware-related hacking attack that disrupted its electronic invoice issuance system, website, email, and other services.
In mid-June 2024, Indonesia’s national data centre was breached, disrupting systems across many government agencies and causing confusion in areas such as airport immigration operations and procedures for providing scholarship benefits.
The attackers used a ransomware called “LockBit 3.0” and demanded a ransom of 8 million US dollars. It is said to have been among the largest attacks the country has ever experienced.
In late March 2025, Malaysia’s Kuala Lumpur International Airport was hit by a ransomware attack, and attackers demanded a ransom of 10 million US dollars.
Japan’s Public-Private Push for Cooperation
Cross-border cybercrime calls for countries to work in close coordination.
Japan and ASEAN have built cooperation on multiple fronts.
In 2018, the two sides established the ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC) in Bangkok, Thailand, as a hub for developing information security talent.
The centre teaches government officials and others how to defend against
and analyse cyberattacks, including targeted-attack exercises that simulate responding to sophisticated emails designed to infect users with malware.
In 2024, the ASEAN-Japan Cybersecurity Community Alliance (AJCCA) was launched to promote information sharing and exchange among cybersecurity organisations across the public and private sectors.
Rudi Lumanto, founder of idNSA (Indonesia Network Security Association), was appointed chairman, while Hiroshi Esaki, president of the Japan Network Security Association (JNSA) and a professor at the University of Tokyo, became vice chair.
Esaki emphasised that “in ASEAN—where rapid economic growth and industrial advancement and digitalisation are underway—cybersecurity measures for industrial and social infrastructure are essential to the sustainable development and growth of socioeconomic activities.”
Trend Micro Inc., a major Japanese cybersecurity company, is working with Interpol to train cybercrime investigators in Southeast Asian countries to analyse how computer viruses and malicious programs work.
Japan’s Ministry of Defence and Self-Defence Forces, together with ASEAN defence authorities, have also conducted joint cybersecurity exercises since 2022.
A comprehensive capstone exercise was held in Tokyo in July 2025.
Japan is strengthening Southeast Asia’s capacity to respond to cyberattacks through a joint effort that brings together both the public and private sectors.
With more than 15,000 Japanese companies operating across the ASEAN region, stronger cyber defence capabilities also help stabilise their production and supply chains.
Through the fight against rapidly evolving cyberattacks, Japan and ASEAN are deepening their ties.
By Akio Yaita
Journalist.
Graduated from the Faculty of Letters at Keio University.
After completing his doctorate at the Chinese Academy of Social Sciences, he worked as a correspondent for the Sankei Shimbun in Beijing and as Taipei bureau chief.
Author or co-author of many books.
[Copyright The Jiji Press, Ltd.]
