Major Japanese Mobile Carrier Hit by DDoS Attack

2025-01-03

NTT Docomo,

This article details a recent DDoS attack that targeted NTT Docomo, a major mobile carrier in Japan. The attack disrupted several key services for nearly twelve hours, impacting millions of users. The article also explores the growing trend of DDoS attacks against telecommunication companies globally.

The attack began around 5:27 AM Japan time on January 2nd and continued until around 4:10 PM. During this period, users experienced difficulty accessing services like the goo web portal, the Lemino video streaming service, the dpay billing platform, and the Golf me golf course reservation service. NTT Docomo acknowledged the attack on its website, stating that the network congestion was caused by DDoS attacks. While the core functionality of these services has been restored, some content updates may still be affected due to recovery measures.

This incident follows a series of DDoS attacks targeting various Japanese companies in late December, including prominent institutions like Japan Airlines, MUFG Bank, Mizuho Bank, and Resona Bank. It’s also not the first time NTT Docomo has been targeted by cybercriminals. In September 2023, the Ransomed.vc group demanded a ransom exceeding $1 million from the company, though it remains unclear whether any data was actually stolen.

Telecommunication companies are particularly vulnerable to service-disrupting attacks like DDoS and ransomware due to their low tolerance for outages. Fortunately, NTT Docomo’s mobile phone services remained unaffected by this latest attack.

The perpetrators behind this DDoS attack remain unidentified. However, recent reports suggest a significant rise in DDoS attacks globally. A September 2024 report by Stormwall indicates a 102% increase in DDoS attacks worldwide during the first half of 2024 compared to the same period in 2023. Similarly, a separate report from Nokia in October 2024 revealed a substantial surge in attacks targeting global telecommunication networks, with some networks experiencing “well over 100 attacks per day” in June 2024, compared to just one or two attacks daily a year prior.

What Undercode Says:

This DDoS attack on NTT Docomo highlights the growing threat landscape faced by telecommunication providers worldwide. The increasing frequency and sophistication of these attacks underscore the need for robust cybersecurity measures within the telecom industry. Here are some key takeaways from this incident:

DDoS attacks are a significant threat to critical infrastructure: Telecommunication networks are essential for modern communication and economic activity. Disruptions caused by DDoS attacks can have severe consequences, impacting businesses, government operations, and emergency services.
Telecom companies need to prioritize cybersecurity: Telecom providers should invest in robust cybersecurity solutions to mitigate the risks associated with DDoS attacks and other cyber threats. This includes implementing intrusion detection and prevention systems, regularly updating software and firmware, and conducting security awareness training for employees.
Collaboration is crucial: Industry-wide collaboration and information sharing are essential for effectively combating DDoS attacks. Telecom companies can share threat intelligence and best practices to improve their collective defenses.
Law enforcement needs to take action: Law enforcement agencies need to prioritize investigating and prosecuting cybercriminals responsible for DDoS attacks. This will help deter future attacks and hold perpetrators accountable.

In conclusion, the DDoS attack on NTT Docomo serves as a stark reminder of the evolving cybersecurity landscape. By prioritizing cybersecurity measures, fostering collaboration, and holding cybercriminals accountable, we can work towards a more secure digital environment for everyone.