Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures.
The National Police Agency (NPA) said its analysis on the targets, methods, and infrastructure of the cyberattacks by MirrorFace from 2019 to 2024 concluded they were systematic attacks linked to China with an aim of stealing data on Japanese national security and advanced technology.
The targets of the Chinese government-led cyberattacks included Japan’s Foreign and Defense ministries, the country’s space agency, and individuals including politicians, journalists, private companies, and think tanks related to advanced technology, the NPA said.
Experts have repeatedly raised concerns about the vulnerability of Japan’s cybersecurity, especially as the country steps up its defense capabilities and works more closely with the United States and other partners to strengthen cyber defenses. Japan has taken steps but experts say more work is needed.
MirrorFace sent emails with attachments containing malware to targeted organizations and individuals to view data saved on computers mainly from December 2019 to July 2023, often from Gmail and Microsoft Outlook addresses using stolen identities, the NPA investigation found.
The emails typically used as subjects key words such as “Japan-U.S. alliance,” “Taiwan Strait,” “Russia-Ukraine war,” and “free and open Indo-Pacific,” and included an invitation for a study panel, references, and a list of panelists, the NPA said.
In another tactic, the hackers targeted Japanese organizations in areas of aerospace, semiconductors, information, and communications from February to October 2023 by exploiting vulnerabilities in virtual private networks to gain unauthorized access to information.
The attacks included one on the Japan Aerospace and Exploration Agency, or JAXA, which acknowledged in June it had suffered a series of cyberattacks since 2023, though sensitive information related to rockets, satellites, and defense was not affected. It was investigating to take preventive measures.
Last year, a cyberattack paralyzed operations at a container terminal at a port in the city of Nagoya for three days.
More recently, Japan Airlines was hit by a cyberattack on Christmas, causing delays and cancellations to more than 20 domestic flights, though the carrier was able to stop the onslaught and restore its systems hours later and there was no impact on flight safety.
—Mari Yamaguchi, Associated Press
Login to add comment
Other posts in this group

The last year has seen a global reckoning with the effects of social media on kids. Australia banned


Earlier this month, Apple officially announced that it would be postponing the launch of some planned Apple Intelligence features to a later, unspecified date in the future. These features mainly


Anthropic announced Thursday that it has added web search capability to its Claude chatbot. It’s not a new feature to the AI world—but the company’s approach stands as one of the most thoughtful t

If the thought of being hunted by something that can see your every move makes your skin crawl, you might want to steer clear of Eyes Never Wake.
This viral horror game takes im

Market manipulation in the cryptocurrency world is rampant—and fewer than 500 people are responsible for as much as $250 million a year in profits and over $3.2 trillion in artificial trading, acc