<prologue>
I started a blog called “The Baby Boomer Generation’s Miscellaneous Blog”(Dankai-sedai no garakutatyou:団塊世代の我楽多(がらくた)帳) in July 2018, about a year before I fully retired. More than six years have passed since then, and the number of articles has increased considerably.
So, in order to make them accessible to people who don’t understand Japanese, I decided to translate my past articles into English and publish them.
It may sound a bit exaggerated, but I would like to make this my life’s work.
It should be noted that haiku and waka (Japanese short fixed form poems) are quite difficult to translate into English, so some parts are written in Japanese.
If you are interested in haiku or waka and would like to know more, please read introductory or specialized books on haiku or waka written in English.
I also write many articles about the Japanese language. I would be happy if these inspire more people to want to learn Japanese.
my blog’s URL:団塊世代の我楽多(がらくた)帳 | 団塊世代が雑学や面白い話を発信しています
my X’s URL:団塊世代の我楽多帳(@historia49) on X
1. The issue of fraudulent withdrawals from “Docomo Accounts”
(1) Telecommunications Companies’ Lax Security and Information Management
Recently, a case of fraudulent withdrawals occurred using NTT Docomo’s electronic money payment service, “Docomo Account.” This crime is considered to be a form of computer fraud. To date, 66 cases have been confirmed, totaling approximately 18 million yen. NTT Docomo plans to compensate for all losses.
The cause of the incidents was attributed to “inadequate identity verification procedures when opening a Docomo Account” and “lax security management at the linked bank.”
NTT Docomo has announced that “no customer information was leaked,” but we hope they will properly verify this.
What’s frightening is that victims who did not open a “Docomo Account” but had their bank account information stolen are being victimized. The causes are likely to be phishing scams, account information leaks (illegal distribution), or theft of account information through cyberattacks by hackers.
As a measure to prevent recurrence, Docomo will introduce a system in which “in addition to requiring users to register their mobile phone number when opening a Docomo account, they will also send a one-time password to their smartphone, valid for only a few minutes, which the recipient will then be required to enter.”
Even as a complete novice, I find it puzzling why they didn’t do this from the beginning. I’m also shocked by NTT Docomo’s “low security awareness,” as they took no measures at all, such as tightening identity verification, despite the fact that a “fraudulent withdrawal from a Docomo account” incident similar to the current series of incidents occurred at Resona Bank in May 2019.
(2) Lax “security management” and “information management” at convenience stores
While many people tend to forget about incidents after a year has passed, the “Seven Pay Fraud Incident” occurred in July 2019. This was a major incident that could be described as a “collapse of governance at the largest convenience store chain.”
Seven & i Holdings launched its smartphone payment service “Seven Pay” on July 1, 2019, following a series of fraudulent use cases by third parties, resulting in a complete suspension of deposits and new registrations after just three months. With 5 million registered users, the total loss due to fraudulent use was approximately 55 million yen.
The causes of this incident were “Seven’s poor system specifications” and “management’s lack of understanding of the system itself, posing serious security risks.” This “7iD” system, known as “7iD,” allowed passwords to be reset with the user’s email address and phone number, allowing a third party to take over the system on another device.
2. The Need for Strengthened Security Measures at Banks
The fraudulent withdrawal incident from “Docomo Accounts” targeted customers of regional banks with weak security measures.
I hope that all banks will further strengthen their security measures.
3. The Need for Strengthening the Government’s Cyberattack Defenses
(1) The Inadequacy of Government-Led Software
The contact-confirming app “COCOA,” introduced by the government as a COVID-19 countermeasure, experienced problems, and there was also a problem with the online application for employment subsidies, resulting in the leakage of personal information.
(2) The Inadequacy of the Former “Minister of Cybersecurity Strategy”
There was once a “Minister of Cybersecurity Strategy” named Yoshitaka Sakurada. He knew nothing about cybersecurity, let alone computers or the Internet.
Ministers like this are out of the question, but if the LDP presidential candidate Yoshihide Suga is to establish a “Digital Agency” or Fumio Kishida’s “Data Agency,” and if the government is to promote the use of electronic payments, I would like to see the appointment of someone with expertise in these fields as minister. However, since these two new agency plans seem to lack a security perspective, I would like the “Cyber Agency” to focus more on security measures.
Just as bullying and bank transfer fraud will never go away, computer crime, cybercrime, and espionage will never go away. In fact, they are expected to increase in the future.
It will become a cat-and-mouse game between criminals and police crackdowns, as well as defenses taken by the government and us users.