Aug 31, 2023 12:17:00

Report that the Chinese government is behind the cyber attack on Japan's Cabinet Cyber Security Center

The Cabinet Cyber Security Center (NISC), an information security organization within the Cabinet Secretariat, one of Japan's administrative agencies, revealed that the mail system had been accessed illegally. The financial newspaper Financial Times reports that this cyber attack may be due to hackers supported by the Chinese government. In addition, NISC has announced this cyber attack, but did not disclose the details.

Japan's cyber security agency suffers months-long breach | Financial Times
https://www.ft.com/content/de0042f8-a7ce-4db5-bf7b-aed8ad3a4cfd

Japan's cybersecurity agency breached by suspected Chinese hackers: report
https://therecord.media/japan-cybersecurity-agency-breached-report

According to the Financial Times, three government and private sources familiar with the matter said, ``Chinese government-backed hackers are believed to be behind the NISC cyberattacks that began in the fall of 2022, and there are no indications. It was not revealed until June.'

Japan has embarked on increased military cooperation with the United States and other allies, including joint fighter projects with the United Kingdom and Italy. Some government-related cybersecurity experts in the United States and the United Kingdom have begun to express strong concerns about Japan's data security capabilities.

In July 2023, the container terminal at the Port of Nagoya, Japan's largest port, was hit by a ransomware attack by the Russian-based hacker group LockBit, resulting in a two-day suspension of operations.

The container terminal at the Port of Nagoya recovered for the first time in two days after the suspension of operations due to a ransomware attack, and it is the first time in Japan that the operation of port facilities stops due to a cyber attack - GIGAZINE

In August of the following month, The Washington Post reported that ``Chinese military hackers hacked Japan's secret defense network in the second half of 2020,'' revealing the vulnerabilities of Japan's cybersecurity once again.

Report that a Chinese hacker group had invaded Japan's defense confidential network - GIGAZINE

Under such circumstances, NISC announced on August 4, 2023, 'It was found that there was an unauthorized communication with NISC's e-mail related system, and that some of the e-mail data including personal information may have been leaked to the outside. ”, He revealed that he received a cyber attack from the outside.

About the possibility of leakage of mail data from the e-mail related system of the Cabinet Cyber Security Center-NISC
https://www.nisc.go.jp/news/20230804.html

Although NISC did not disclose the details of this cyber attack, it stated that ``On June 13, 2023, traces of unauthorized communication related to email-related systems were discovered,'' indicating that the unauthorized access was detected around June 2023. was revealed.

According to testimony from two people familiar with the cyber attack, NISC said the hacker used the information obtained in the cyber attack to target 'other highly confidential servers located in the same government building as NISC.' It seems that an investigation has been started as it may have been set up.

According to NISC officials, the above investigation concluded that a 'leak of email data from an email-related system' had occurred. However, the official did not seem to explicitly state that this cyber attack was caused by hackers supported by the Chinese government.

However, another source points out that the Chinese government is behind this cyberattack. 'While there is always an element of suspicion, given the style of the attack and the nature of the target itself, we can almost say with certainty that this was a nation-state attack and was probably carried out by China,' the person said. We can do that.” Another official has also stated that the Chinese government is behind the cyber attack on NISC.

On the other hand, the Chinese Ministry of Foreign Affairs denies the suggestion that the Chinese government is behind the cyber attack on NISC, and NISC does not mention the Chinese government in its statement regarding the cyber attack. In addition, in 2015, the Chinese government cited a case in which the NSA was wiretapping the Japanese government on the whistleblowing site ``WikiLeaks'' and advised the Japanese government to ``be careful of the American government.''

Japan has formed a cybersecurity unit within the Self-Defense Forces, but the number of members is approximately 900 people. In contrast, the number of cyber units under the American government is estimated to be 6,200 people, and China's is estimated to have at least 30,000 people, and vulnerabilities in the Japanese government's cybersecurity have been pointed out.