‘China Hacked Japan’s Sensitive Defense Networks’

In the autumn of 2020, the National Security Agency (NSA) uncovered a significant cybersecurity breach that revealed Chinese military hackers had infiltrated Japan’s classified defense networks. These cyber intruders, linked to the People’s Liberation Army, gained deep access to Japan’s most sensitive computer systems, with a focus on extracting plans, capabilities, and military assessments. Despite efforts by Japanese authorities to bolster their network security, vulnerabilities remain, potentially hindering information-sharing with the U.S. Department of Defense.

The breach, regarded as one of the most damaging hacks in Japan’s modern history, prompted a swift response from top U.S. officials. Gen. Paul Nakasone, head of the NSA and U.S. Cyber Command, and Matthew Pottinger, the White House deputy national security adviser at the time, rushed to Tokyo to brief Japanese officials about the gravity of the situation. Beijing’s successful breach of Tokyo’s defense networks heightened concerns about China’s growing cyber capabilities and its potential to disrupt critical services in the United States and key Asian allies.

Despite initial efforts to address the breach, the issue persisted into early 2021, prompting the Biden administration to take a closer look. The U.S. and Japan established regular technical exchanges and video conference calls to discuss the matter, signaling a concerted effort to counter cyber threats. Japan also initiated measures to enhance cybersecurity, including the establishment of a Cyber Command, continuous risk analysis, and a significant increase in cybersecurity personnel and funding.

Japan’s response reflects the gravity of China’s expanding cyber activities, which extend beyond Japan’s borders. The U.S. government and Western cybersecurity firms have documented instances of Chinese penetration into critical infrastructure in the U.S. and Asia-Pacific region. The targets include communication, transportation, and utility systems, raising concerns about China’s ability to disrupt critical services in times of crisis or conflict.

The significance of cybersecurity in international security arrangements cannot be understated. Japan’s efforts to bolster its defenses and enhance intelligence-sharing with the U.S. underscore the growing recognition that securing cyber networks is essential for maintaining regional stability. As Japan and the U.S. work together to address the evolving threat landscape, the importance of effective cyber defense in protecting sensitive information, critical services, and overall security becomes increasingly evident.

According to The Exclusive Report Published by The Washington Post,  In November of that year, even as Japan grappled with a pandemic lockdown, Anne Neuberger and a select group of U.S. officials embarked on a journey to Tokyo. Their destination was the heart of Japan’s military, intelligence, and diplomatic apparatus, where they met with top officials. The visit aimed to address a pressing concern – the Chinese cyber compromise.

Due to the sensitivity of the intelligence sources and methods, Neuberger couldn’t openly disclose how U.S. spy agencies had detected the Chinese intrusion. Instead, she employed a subtle approach to assure the Japanese that U.S. entities were not operating within their networks. Yet, doubts lingered, given that Japan and other allies were aware of the United States’ history of espionage against its partners.

WikiLeaks’ 2015 revelation exposed that the NSA had conducted surveillance on 35 Japanese targets, including cabinet members and Mitsubishi Corporation. Then-Vice President Biden personally reached out to then-Prime Minister Shinzo Abe to express apologies for the ensuing predicament.

Up to that point, Washington and Tokyo hadn’t collaborated on addressing such a sensitive intelligence threat. The situation required an exceptional level of access to Japanese systems, which elicited caution due to sovereignty concerns.

Neuberger’s approach was meticulous and strategic. She systematically laid out the information the U.S. possessed, emphasizing the White House’s determination to resolve the issue.

“We’re not here to wag fingers,” emphasized a senior administration official, describing the approach. “We’re here to share hard-won lessons.”

Neuberger discovered a reliable partner in Japan’s recently appointed national security adviser, Takeo Akiba. Both identified an entrenched bureaucratic system as the crux of the challenge. Their efforts were buoyed by Prime Minister Kishida’s commitment to augment Japan’s defense capabilities, a campaign initially initiated by Abe. The strategy entailed strengthening expenditure, personnel, and aligning cybersecurity standards with U.S. and international benchmarks.

Acknowledging a problem and its gravity became the pivotal initial steps, as highlighted by the senior U.S. defense official.

Japan took decisive action in response. Establishing a Cyber Command that operates around the clock, introducing continuous risk assessment of military computer systems, and enhancing cybersecurity training became priorities. The country also allocated $7 billion over a span of five years to intensify its cybersecurity posture.

“The government of Japan intends to strengthen its cybersecurity response capabilities to be equal to or surpass the level of leading Western countries,” said Noriyuki Shikata, Kishida’s cabinet press secretary, underscoring the nation’s commitment. This objective, coupled with an “active cyberdefense” strategy akin to offense-as-defense hacking, was enshrined in Japan’s new national security strategy.

According to The Exclusive Report Published by The Washington Post, After the article’s publication, Japanese Defense Minister Yasukazu Hamada asserted that the government is actively countering cyber-attacks through various initiatives. While he didn’t delve into specific incidents, he affirmed that no confidential information held by the Ministry of Defense had been compromised, and no cyberattacks had disrupted the execution of the Self-Defense Forces’ missions.

Before China boldly breached its networks, Japan was often perceived as a sieve for sensitive information. Throughout the Cold War, Soviet agents capitalized on classic methods, exploiting weaknesses like the allure of food, drink, money, and gambling to cultivate relationships with Japanese journalists, politicians, and intelligence personnel.

Richard Samuels, a political scientist at MIT, who authored a comprehensive history of Japan’s intelligence community, revealed that during this period, Soviet operatives even boasted that Japan was a veritable “spy heaven.”

The culmination of the Cold War prompted Japanese officials to realize the urgency of securing access to intelligence. This awareness was partly triggered by American scrutiny. In the years leading up to the 9/11 attacks, a Pentagon-funded think tank produced a report highlighting the disparity in intelligence-sharing between the U.S.-Japan alliance and NATO partnerships.

The report emphasized that Japan faced a diverse array of threats and intricate international responsibilities, necessitating comprehensive intelligence to understand its national security requirements. It was penned by a bipartisan study group, including foreign policy experts Richard Armitage and Joseph Nye.

The report urged Japanese leaders to garner public and political support for legislation that safeguarded classified information. The porous nature of Japan’s intelligence community had drawn dissatisfaction from the Americans, leading to a curtailed exchange of intelligence. Tightening the system was pivotal for a more robust collaboration.

Shinzo Abe, a prominent political figure and two-time prime minister, was particularly receptive to this message. He emerged as a champion of security reform in Tokyo, catalyzing change during his second tenure in the early to mid-2010s. Initiatives included the passage of a state secrets law that imposed severe penalties for mishandling documents and leaking information. Abe established a National Security Council, drawing inspiration from its U.S. counterpart, to advise the prime minister.

Although Abe’s reforms faced opposition from antiwar and civil-liberties activists who criticized infringements on privacy rights, the geopolitical landscape evolved by 2013. The public recognized that decades of nominal self-defense commitments had emboldened China, which responded aggressively to Japan’s Senkaku Islands’ nationalization and escalated military activities in the South China Sea. Rising tensions prompted a change in Japan’s security outlook.

Abe’s legacy persisted even after his assassination in July 2022. Over the past decade, public sentiment towards China has hardened, with a majority of Japanese viewing the Chinese government unfavorably. Simultaneously, support for the U.S. alliance has reached an all-time high.

In December 2022, Chris Inglis, the White House National Cyber Director, visited Japan to collaborate on enhancing cybersecurity capabilities. Part of his mission was to outline the U.S. government’s efforts to bolster its systems, aligning with a national cybersecurity strategy issued in March that emphasized strengthening partner capacities.

While admitting that U.S. networks remain far from 100 percent secure, U.S. administration officials acknowledged the prevalence of cyberattacks from various nations. These attacks resulted in the theft of sensitive information, release of classified hacking tools, coerced Hollywood studios, and assaults on U.S. democracy.

Over the past two decades, successive U.S. administrations have intensified efforts to enhance American cybersecurity, leading to the creation of new organizations and increased funding. Nevertheless, the expansive “attack surface” remains a challenge.

According to The Exclusive Report Published by The Washington Post, Recognizing the complex landscape, a defense official emphasized the importance of not holding Japan to an unattainable standard. Instead, the goal is to share information effectively while striving to repel adversaries.