Japan’s cybersecurity agency breached by suspected Chinese hackers: report

Suspected Chinese hackers breached Japan’s cybersecurity agency and potentially accessed sensitive data stored on its networks for nine months before being discovered, it was reported on Tuesday.

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) announced in August that personal data linked to email exchanges may have been compromised after it was hacked in October last year.

NISC has not publicly attributed the incident. However, a report by the Financial Times, citing three government and private sector sources familiar with the situation, said that state-backed Chinese hackers were suspected of being behind the attack.

It follows a recent report by the Washington Post that the U.S. National Security Agency discovered Chinese military hackers had compromised Japan’s defense networks back in 2020, described as “one of the most damaging hacks” in Japan’s history.

The hack on Japan’s defense networks risked impeding intelligence-sharing between the Pentagon and Japan’s defense forces, the newspaper reported, as Japan increases its partnerships with the U.S. and other allies amid increasing geopolitical tensions in the Pacific.

According to the Financial Times, China was also behind another incident that hit Japan’s port of Nagoya earlier this year. Although the attack was initially attributed to the LockBit ransomware gang by the port authorities, the newspaper reported “government cyber experts” now considered it to be a part of “persistent testing of Japan’s infrastructural defenses by China,” rather than a legitimate ransomware incident.

Japan's Cabinet Office, which runs NISC, did not respond to Recorded Future News' requests for comment. In its statements to the Financial Times, NISC disputed the scale of access which the alleged hackers had managed to achieve, stressing that it was limited to the agency’s email system.

China’s ministry of foreign affairs denied the country was behind the breach and instead blamed the United States. Officials in Beijing recently pledged to disclose U.S. cyber espionage activities in the wake of criticisms about the country's own “reckless” hacking.