Japan Enacts Preemptive Cyber Defense Law: A Shift in Cybersecurity Strategy

TL;DR

Japan has passed a new law allowing preemptive offensive cyber actions, marking a significant shift from its pacifist stance. This law aims to bolster Japan’s cyber defenses and align them with those of major Western powers. The law enables government agencies to conduct hack-back operations and preemptively target hostile infrastructure, with full operational capability expected by 2027.

---

Japan Enacts Preemptive Cyber Defense Law: A Shift in Cybersecurity Strategy

Japan has taken a significant step in bolstering its cyber defenses by enacting the Active Cyberdefense Law. This legislation allows for preemptive offensive cyber operations, marking a shift from the country’s traditional pacifist stance under Article 9. The new law aims to elevate Japan’s cyber defense capabilities to match those of major Western powers and provide broader military support to allies.

Key Provisions of the Active Cyberdefense Law

The Active Cyberdefense Law authorizes government agencies to carry out hacking-back operations. These operations involve infiltrating and neutralizing the infrastructure used by threat actors to target Japan and its organizations. The law also permits authorities to preemptively target hostile infrastructure, even before attacks occur. This proactive approach enables Japan’s Self-Defense Forces to aid allies and handle advanced cyber threats, reflecting a shift in the interpretation of Article 9 for national and allied security.

Implementation and Oversight

The Japanese government aims to make the new legal framework fully operational by 2027. According to Yoshimasa Hayashi, Japan’s chief cabinet secretary, the law is intended to enable Japan to “identify and respond to cyber attacks more quickly and effectively,” helping Tokyo to “equal or exceed” the cyber capabilities of major European countries and the US¹.

To ensure proper oversight, an independent panel will be established to give prior approval for data acquisition and analysis, as well as for actions to neutralize hostile servers. This panel will also monitor government surveillance to ensure it is conducted properly and address concerns from opposition parties over potential government overreach and violation of the constitutional right to secrecy of communications².

Surveillance and Data Monitoring

Under the new law, the Japanese government will monitor and analyze IP addresses involved in international communications passing through or to/from Japan. However, domestic communications and message content, such as email bodies, are excluded from surveillance. This approach aims to balance the need for enhanced cybersecurity with the protection of personal rights.

Recent Cyber Threats in Japan

Japan remains a target for both financially motivated threat actors and advanced persistent threat (APT) groups. Recent incidents include:

• April 2025: Japan’s Financial Services Agency (FSA) warned of hundreds of millions in unauthorized trades linked to hacked brokerage accounts³.
• March 2025: A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers⁴.
• December 2024: A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing on Thursday⁵.

Conclusion

The enactment of the Active Cyberdefense Law represents a significant shift in Japan’s cybersecurity strategy. By allowing preemptive offensive cyber actions, Japan aims to strengthen its defenses and align with major Western powers. The law’s implementation will be closely monitored to ensure it balances enhanced cybersecurity with the protection of personal rights.

Additional Resources

For further insights, check:

• The Record Media
• Kyodo News
• Security Affairs

References

1. The Record Media (2025). “Japan enacts new law allowing offensive cyber operations”. The Record Media. Retrieved 2025-05-19. ↩︎

2. Kyodo News (2025). “New Japan law allows preemptive defense of infrastructure cyberattack”. Kyodo News. Retrieved 2025-05-19. ↩︎

3. Security Affairs (2025). “Japan’s Financial Services Agency warns of unauthorized trades”. Security Affairs. Retrieved 2025-05-19. ↩︎

4. Security Affairs (2025). “Data breach suffered by Japanese telecom giant NTT”. Security Affairs. Retrieved 2025-05-19. ↩︎

5. Security Affairs (2025). “Cyberattack hits Japan Airlines (JAL)”. Security Affairs. Retrieved 2025-05-19. ↩︎