U.S.: Japan’s Cybersecurity Measures ‘too Little, Too Late’

The Yomiuri Shimbun

2:00 JST, February 6, 2024

China’s cyber-attack on the Japanese Foreign Ministry’s telecommunications network has exposed vulnerabilities in this country’s security measures, leaving the United States hesitant to share defense-related information with Japan. With cyber-attacks growing ever more sophisticated, Japan faces an urgent need to introduce more “active” cyber defenses.

In crisis mode

“China hit us hard,” said a senior government official, expressing his alarm at the ministry’s diplomatic cables system having been compromised. “We’ve been working hard to improve, but it’s still not enough.”

The breach was revealed when Gen. Paul Nakasone of the U.S. National Security Agency warned officials here during a visit in summer 2020. The fact that the head of the intelligence agency came in person shows just how seriously he viewed the situation.

The visit occurred in the final days of Shinzo Abe’s last Cabinet, when there were discussions on revising the National Security Strategy and developing counterstrike capabilities in light of China’s rise.

In targeting Japan’s official cables, China was likely trying to steal confidential information on the state of deliberations in the Japanese government, as well as see what information Japan was sharing with the United States about China.

In subsequent Japan-U.S. talks, Washington asked Tokyo to give it access to the security systems of major government entities, but Tokyo was reluctant to do so. Eventually, they settled on a compromise, with Tokyo sharing the results of its own investigations.

China may have launched cyber-attacks on the diplomatic cables systems of many other countries in order to obtain sensitive information. In 2018, The New York Times reported that the European Union’s diplomatic communications network had been infiltrated by hackers, believed to have been Chinese.

JAXA targeted

“Cyber-attacks target a wide range of fields and constantly outsmart existing security measures. The threat in cyberspace continues to grow,” said a senior Defense Ministry official.

China is strongly suspected of having been involved in the cyber-attack that last summer hit the Japan Aerospace Exploration Agency’s main server.

After the attack, the United States again informally expressed concern about Japan’s cyber defenses, especially given JAXA’s role in the U.S.-led Artemis manned lunar exploration program.

According to a 2022 survey by information security firm Trend Micro Inc., 90% of security managers at Japanese electric, oil and gas companies said their systems had been disrupted by a cyber-attack in the past year.

Early detection

“Active cyber defense” involves monitoring cyberspace on a routine basis and, if necessary, infiltrating the servers of attackers or target countries and rendering them harmless.

The United States and United Kingdom are said to take such an active approach to detect abnormalities early, and thereby prevent attacks or limit damage.

The United States is thought to have learned of the breach in the ministry’s diplomatic cables system through the active cyber defense it deploys against China. The British government has also detected evidence of Chinese cyber-attacks on Japanese election-related facilities, according to Japanese government sources.

Since summer 2020, Washington has repeatedly urged Tokyo to strengthen its cybersecurity, concerned that not only China but also Russia and North Korea are focusing on cyber warfare. A U.S. government official who visited Japan told a Japanese official that cybersecurity could not be maintained unless all allied countries made an effort, adding that Japan’s measures were “too little, too late.”