Japan’s National Center of Incident Readiness and Strategy for Cybersecurity or NISC, the agency tasked with safeguarding Japan’s national defenses against cyber threats, has fallen victim to hackers, potentially exposing sensitive information for up to nine months, a report by the Financial Times has revealed.
According to reliable sources from the governmental and private sectors, the intrusion into J NISC is believed to have been orchestrated by state-backed hackers from China. This attack started in the autumn of 2022, but only in June 2023 did the Japanese learn that their systems were compromised.
Can Japan defend itself against cyberattacks?
This revelation holds significant gravity due to the target’s nature and the intense scrutiny surrounding Japan’s cyber-attack susceptibility. Tokyo is in the process of enhancing its military collaboration with the United States and regional partners. This includes exercises such as a joint fighter project alongside the United Kingdom and Italy, which involved exchanging top-secret technological data.
The capability of Japan to securely manage sensitive data has raised concerns among cyber security experts in the United States and the United Kingdom.
Recent reports have unveiled a major cyber attack on Japan’s defense networks in late 2020, attributed to Chinese military hackers. Additionally, in July, the port of Nagoya experienced a temporary shutdown following what was believed to be a ransomware attack linked to Russian origins.
These incidents have sparked apprehensions at the highest levels of the Japanese government regarding the possibility of state actors, such as China, probing Japan’s defense capabilities.
How the breach was discovered
In early August, NISC revealed that specific personal data associated with email exchanges between October of the previous year and June of the current year might have been exposed to bad actors after an intrusion into its email system.
The breach seemed to have exploited an individual staff member’s email account, according to NISC.
To address the potential compromise, NISC issued a series of email notifications to both domestic and international private and governmental partners, warning them about the situation.
The agency’s public statement explained that an external investigation had recently uncovered the possibility of leaked email data and that those involved in the affected email correspondences had been duly informed.
Operating within Japan’s highest government circles as part of the Cabinet Office, NISC’s breach has reportedly prompted an inquiry into whether the hackers’ access extended to other susceptible servers in central Tokyo’s government building.
An official from NISC confirmed that their investigation had determined that only the email system had been compromised. The official declined to comment on whether the intrusion was attributed to Chinese state-sponsored hackers.
Japan blames China; China accuses the US.
According to sources, the incident is believed to have been orchestrated with Chinese involvement. One individual familiar with the situation noted, “There is always a small element of doubt, but given the style of attack and the nature of the target itself, we can say with almost complete certainty that this originated with a state actor and that the actor was most probably China.” Another source asserted that they were “without doubt” confident that China was responsible for the attack.
China’s foreign affairs ministry dismissed these claims and pointed the finger at the United States, suggesting that Japan should scrutinize US activities, given the latter’s history of spying on allies. The ministry referred to previous WikiLeaks disclosures revealing US cyber espionage against Japanese cabinet officials, financial institutions, and companies.
A shortage of personnel and expertise has hindered Japan’s efforts to bolster its cybersecurity capabilities in the digital domain. The government’s initiatives have primarily focused on expanding and enhancing training facilities for the cyber unit within the Self-Defense Forces. As of the end of March, this unit comprised just under 900 members, starkly contrasting the estimated 6,200 in its US equivalent and at least 30,000 in China’s cyber forces.