Early last year the big domestic infosec story here in Japan was a hacker who was running rings around the police, while making death and bomb threats against airlines and kindergartens.
The Police arrested several suspects - 'extracting' confessions from some of them who later turned out to be victims whose computers had been used by the the hacker via remote access.
The best part of the tale (tail?) is the hacker attached a memory card to the collar of a cat(!) and invited the press to 'play a game' by answering quizzes that led to the cat with the memory card. Possibly the first hack in history to involve a actual cat, and not just LOLcats.exe.

The police eventually captured and charged a new suspect, who is now claiming his innocence and pointing to the previous dubious police investigation (and confession extracting) as proof.

Prosecutors say they found on Katayama’s office computer, searches for the words “cat” and “Enoshima” that predate the email of riddles sent to journalists. But the defense asserts that the real suspect would've planted the searches, recalling the untraceable nature of the virus, which was dispersed widely through the popular online forum, 2channel. The defense, meanwhile, called the allegations “complete nonsense."

Did he do it? Who knows, that's for the lawyers to decide but I hope there's more to the evidence than searching for cats on the internet!

It's been quiet around here lately as I've been travelling and extremely busy with work. However it's time to get back to blogging on a semi-regular basis (I don't know what Richard's excuse is!)

While checking out the new IOS7 features recently (although I've yet to upgrade) I came across this gem:

Apps can now be configured to automatically connect to VPN when they are launched. Per app VPN gives IT granular control over corporate network access. It ensures that data transmitted by managed apps travels through VPN — and that other data, like an employee's personal web browsing activity, does not.

Now that's a nice feature (and about time), especially in the BYOD era. Speaking of BYOD, I recently had a chance to meet a number of Security managers from around the world and BYOD was a hot topic. However here in Japan it is not even on the radar for many organizations. A Logicalis research paper [pdf] from last year showed Japan as significantly trailing other markets in regards to corporate IT actively promoting BYOD and, perhaps unsurprisingly, leading the pack in the measure of 'IT don't know about it but we're doing it anyway'.

Why is Japan slow to embrace this trend? My personal view is it is a combination of inherently conservative companies and IT departments (who are unwilling to give up control) combined with the strict labour laws regarding overtime work. As we've seen in the west, mobility and BYOD blur the lines of work/life significantly and risk putting companies here on the wrong side of the law if employees are found to be working excessive overtime.