Google’s Observations: State-Sponsored Cyberattacks and Cybercrime Targeting Japan Are Intensifying

Cyber threats targeting Japan are growing increasingly severe. According to research by Mandiant, Google’s threat intelligence division, more than 82 attackers (threat actors) have targeted Japan over the past two years. Tim Manley of the Google Threat Intelligence Group warned that Japan’s leadership on the international stage and its cutting-edge research and development have made it a prime target for both nation-states and cybercriminals.

The Cybersecurity Forecast 2026 Report, the latest edition of Google Threat Intelligence’s forecast report, outlines cyber threats from three perspectives: AI, state-sponsored attacks, and cybercrime.

With regard to AI, the report predicts that attackers will exploit agentic AI to automate the spread of disinformation and the generation of malware, dramatically escalating both the speed and scale of attacks. Manley also noted that “Shadow AI”, the unsanctioned use of AI tools or applications by employees, will become a new factor leading to information leaks.

The main threat actors responsible for state-sponsored attacks are focused on stealing sensitive political and military information. In the area of cybercrime, multilayered attacks that combine ransomware and extortion with data theft are expected to remain a persistent threat.

Most notably, Manley emphasized that the AI-driven breakdown of language barriers poses a major threat to Japan. While the Japanese language had long served as a barrier of entry for international criminals, AI now makes it easy to generate emails and scripts at a native speaker’s level.

So, how should Japanese companies respond? Manley emphasized the importance of thorough vulnerability management, stronger multifactor authentication, and supply chain visibility. He also stressed: “Cybersecurity is a national security issue that cannot be solved by a single company. Coordinated action between the public and private sectors is essential.”