March 17, 2022
We will discontinue the use of password-protected compressed files in e-mail accounts used by our employees for business purposes. We ask for the understanding and cooperation of our customers, business partners, and all related organizations.
Since password-protected compressed files are encrypted, it is extremely difficult to check for malware upon receipt of the e-mail.Many malicious attacks have been confirmed around the world, including the use of malware such as Emotet, which has been on the rise recently, as a route of infection and we have confirmed that we also have received such e-mail.The U.S. Cybersecurity and Infrastructure Security Administration (CISA) has advocated measures to block these files*, and there is a movement in Japan to eliminate the use of password-protected compressed files.
Given this background, we have decided to discontinue the use of password-protected compressed files in order to further enhance the information security of our customers and our company. First, we will discontinue the use in email accounts used by our employees for business purposes after the end of March, 2022.
In case we receive an e-mail with a password-protected compressed file attachment addressed to our employee e-mail account after the end of March 2022, all attachments will be deleted except for the text in the body of the e-mail. Since the sender will not be notified of the deletion, please confirm the method of file transfer with our employee in charge (the receiver).
*Reference: U.S. CISA Alert (AA20-280A)