January 22, 2025
TOKYO – Cyberattacks in which the involvement of other countries is suspected are a serious threat to Japan’s safety. In response to attackers’ increasingly sophisticated methods, it is important for the government and companies to build up the strongest possible defense systems.
The National Police Agency announced that it had confirmed 210 cyberattacks on Japanese government agencies, companies, academic organizations and others by the China-affiliated hacker group MirrorFace since 2019. The agency said the targets included individuals such as scholars and politicians.
At the Japan Aerospace Exploration Agency (JAXA), more than 10,000 files were compromised. Semiconductor-related companies and the Defense Ministry were also targeted. There is a possibility that information related to cutting-edge technology and national security was stolen. The situation is serious.
MirrorFace has been pointed out as having connections with another hacker group that cooperates with the Chinese intelligence agency. According to the NPA, “The cyberattacks were launched in an organized manner in which the involvement of the Chinese government is suspected.”
It is unusual for the police to dare to make a direct reference to the involvement of another country’s government in cyberattacks. It is likely that the aim is to warn the Japanese public while at the same time keeping China in check.
The attacks are notable for their use of methods such as attaching malware to emails and exploiting system vulnerabilities to break into corporate networks.
In some cases, emails are sent under the guise of individuals such as former company executives, with subject lines like “Study Group Information” to draw the recipients’ attention and get them to open emails with malware attached.
If anything appears suspicious, recipients are advised to check with the persons named as senders to confirm whether they really did send the messages. It is also important not to overlook abnormalities, such as log-ins from overseas being observed even though all of the company’s employees are in Japan.
There are also cyberattacks in which other countries are suspected to be involved. Last year, a large value in bitcoin was stolen from a Japanese cryptocurrency company as a result of an attack by a hacker group affiliated with North Korea.
Before Russia launched its aggression against Ukraine, it is believed to have already infiltrated the systems of Ukraine’s critical infrastructure facilities in preparation to carry out sabotage. In the modern era, there is a strong tendency for armed attacks and cyberattacks to be carried out simultaneously.
In Japan, there have been a spate of cyberattacks on organizations such as banks and hospitals. The government should not only respond to attacks after they have occurred, but should also speed up the implementation of “active cyber defense” to detect signs of attacks and neutralize them.
Securing specialist human resources is essential for effectively operating such defense. The government must recruit human resources from the private sector and protect citizens’ lives and classified information.
(From The Yomiuri Shimbun, Jan. 21, 2025)