Japan’s National Center of Incident Readiness and Strategy for Cybersecurity or NISC, the agency tasked with safeguarding Japan’s national defenses against cyber threats has itself fallen victim to hackers, potentially exposing sensitive information for a period of up to nine months, a report by the Financial Times has revealed.
According to reliable sources from both governmental and private sectors, the intrusion into J NISC is believed to have been orchestrated by state-backed hackers from China. This attack started in the autumn of 2022, but it was only in June 2023 that the Japanese got to know that their systems were compromised.
Can Japan defend itself against cyberattacks?
This revelation holds significant gravity due to the nature of the target and the current atmosphere of intense scrutiny surrounding Japan’s susceptibility to cyber-attacks. Tokyo is in the process of enhancing its military collaboration with the United States and regional partners. This includes exercises such as a joint fighter project alongside the United Kingdom and Italy, which involved the exchange of top-secret technological data.
The capability of Japan to securely manage sensitive data has raised concerns among cyber security experts in the United States and the United Kingdom.
Recent reports have unveiled a major cyber attack on Japan’s defence networks in late 2020, attributed to Chinese military hackers. Additionally, in July, the port of Nagoya experienced a temporary shutdown following what was believed to be a ransomware attack linked to Russian origins.
These incidents have sparked apprehensions at the highest levels of the Japanese government regarding the possibility of state actors, such as China, probing Japan’s defence capabilities.
How the breach was discovered
In early August, NISC revealed that certain personal data associated with email exchanges between October of the previous year and June of the current year might have been exposed to bad actors after an intrusion into its email system.
The breach seemed to have exploited an individual staff member’s email account, according to NISC.
To address the potential compromise, NISC issued a series of email notifications to both domestic and international private and governmental partners, warning them about the situation.
The agency’s public statement explained that an external investigation had recently uncovered the possibility of leaked email data and that those involved in the affected email correspondences had been duly informed.
Operating within Japan’s highest government circles as part of the Cabinet Office, NISC’s breach has reportedly prompted an inquiry into whether the hackers’ access extended to other highly sensitive servers situated in the same government building in central Tokyo.
An official from NISC confirmed that their investigation had determined that only the email system had been compromised. The official declined to comment on whether the intrusion was attributed to Chinese state-sponsored hackers.
Japan blames China, China blames the US
According to sources, the incident is believed to have been orchestrated with Chinese involvement. One individual familiar with the situation noted, “There is always a small element of doubt, but given the style of attack and the nature of the target itself, we can say with almost complete certainty that this originated with a state actor and that the actor was most probably China.” Another source asserted that they were “without doubt” certain that China was responsible for the attack.
China’s foreign affairs ministry dismissed these claims and pointed the finger at the United States, suggesting that Japan should scrutinize US activities, given the latter’s history of spying on allies. The ministry referred to previous WikiLeaks disclosures revealing US cyber espionage against Japanese cabinet officials, financial institutions, and companies.
Japan’s efforts to bolster its cybersecurity capabilities have been hindered by a shortage of personnel and expertise in the digital domain. The government’s initiatives have primarily focused on expanding and enhancing training facilities for the cyber unit within the Self-Defense Forces. As of the end of March, this unit comprised just under 900 members, a stark contrast to the estimated 6,200 in its US equivalent and at least 30,000 in China’s cyber forces.