JAXA among 200 Japanese entities cyber-attacked; Chinese military suspected
16:27 JST, April 20, 2021
A group of hackers thought to be directed by the Chinese military is suspected of conducting cyber-attacks on about 200 Japanese research institutions, universities and companies — including the Japan Aerospace Exploration Agency (JAXA) and firms in the defense and aviation industries — police investigative sources have said.
The Metropolitan Police Department’s Public Security Bureau found that a member of the Chinese Communist Party in his 30s used false names to rent servers identified to have been used for cyber-attacks.
China has been implicated in cyber-attacks on defense-related companies, but it is unusual for a person involved to be identified. The bureau believes that important information was targeted.
According to the investigative sources, the man is a systems engineer living in China. He is suspected of renting servers in Japan under false names five times in 2016 and 2017 via the internet.
When questioned by the police during a visit to Japan, the man admitted to using a false name to rent servers and said that he had sold the server IDs and passwords to earn money.
The MPD launched an investigation against a series of cyber-attacks in 2016 and 2017 that targeted JAXA, IHI Corp. and others. The police identified servers used in the attacks and found that they had been used by two Chinese people, including the man, who rented them multiple times under false names and provided information to a Chinese hacker group called Tick.
The rental servers seem to have been exploited as a stepping-stone to hide the source of the attacks.
The other person of interest is an exchange student, who is believed to have received instructions from a member of unit 61419, a cyber-attack taskforce within the Chinese military, according to the sources.
The two have already left Japan. The Public Security Bureau sent papers Tuesday regarding one of them — the Communist Party member — to the Tokyo District Public Prosecutors Office on suspicion of illegally creating and using private electromagnetic records. The man is said to be working for a major Chinese telecom company.
Tick is believed to be a group of hackers primarily targeting classified defense information in Japan and South Korea by such means as introducing viruses into systems found vulnerable.
The police think the Chinese military’s unit 61419 is behind a series of cyber-attacks on Japanese defense-related companies. They are identifying the damage suffered by targeted institutes, universities and firms and alerting them to the situation.
A JAXA spokesperson told The Yomiuri Shimbun, “It’s true that we were subject to illicit connections, but there was no information theft or other harm.”
"Politics" POPULAR ARTICLE
-
Presidential Race for Japan’s LDP Hinges on ‘Change’; Younger Politicians Prepare to Jump In
-
Ishiba Favored by Older Voters, Koizumi by Young in LDP Presidential Race, Says Poll
-
Japan’s LDP Presidential Candidates Time Announcements of Runs; Better to Gain Attention Now or Quietly Build Support?
-
Japanese Government Tells Australia of Willingness to Cooperate in Building Warships; New Model Based on Mogami-Class Frigate
-
Japan’s Ishiba Announces Final Bid for LDP President; Ishiba Vows to Establish LDP that Will ‘Abide by the Rules’
JN ACCESS RANKING
- Typhoon Shanshan Forms, Slowly Moves Toward Japan; Govt Says Typhoon No. 10 Likely to Approach Japan Next Week
- Tokyo Companies Prepare for Ashfall From Mt. Fuji Eruption; Disposal Of Ash, Possibly at Sea, A Major Challenge
- Shizuoka Pref. City Offers Foreigners Free Japanese Language Classes; Aims to Raise Non-Natives to Daily Conversation Level
- Typhoon No. 10 Forecast to Develop; Move into Pacific Ocean South of Japan on Aug. 26
- Strong Typhoon Shanshan Predicted to Approach Western, Eastern Japan Earliest on Wednesday