Japan sees increased cyberthreats to critical infrastructure, particularly from China

MUNICH, GERMANY — China-backed hackers are increasingly targeting telecom carriers, internet providers and other critical infrastructure in Japan, according to Kazutaka Nakamizo, deputy director of the country’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC).

During the Munich Cyber Security Conference on Friday, Nakamizo said that the number of cyber incidents, including those linked to China, increased significantly — from 150 cases in 2021 to 230 cases in 2022, and continued to rise last year. This number is “just the tip of the iceberg,” he added.

Talking to Recorded Future News, Nakamizo would not specify which China-linked attacks recently targeted Japanese critical infrastructure, as not all of them were publicly attributed to Beijing. Some of the attacks on telecom carriers exploited unknown vulnerabilities in the networks, he said.

Nakamizo's remarks during the conference followed the takedown by the U.S. Justice Department of a botnet run by a prolific Chinese government hacking operation known as Volt Typhoon.

The U.S. said that the Volt Typhoon's goal was to collect information that later could facilitate physical disruption of critical infrastructure.

Nakamizo highlighted how Japan is working with the U.S. against shared cyberthreats. Last September, Japanese agencies, including NISC, partnered with the U.S. to issue a joint cybersecurity advisory on China-linked cyber actors hiding in router firmware.

Japan will continue to cooperate “with like-minded countries,” Nakamizo said.

This year, NISC doubled the number of staff and budget to improve its response to cyber incidents, Nakamizo said. Local cyber authorities are also focusing on private-public partnerships to boost information sharing between the government and businesses, he said.

Japan has suffered a wave of cyber incidents in recent months. Earlier in February, Japan’s Ministry of Foreign Affairs was reportedly breached by Chinese hackers, allegedly leading to information leaks. Nakamizo refused to comment on this leak.

In November, Japan disclosed an attack on the country’s aerospace exploration agency, JAXA. The same month, manufacturing giant Aviation Electronics reported a cyberattack. In August, suspected Chinese hackers breached Japan’s cybersecurity agency and potentially accessed sensitive data.

Other Japanese companies targeted by hackers include Yamaha, Seiko, Casio and pharmaceutical company Eisai.

READ MORE: Munich Cyber Security Conference 2024 Live Updates