Chinese cyberattacks on Japan’s defense, aerospace, and advanced technology sectors are increasing at an alarming rate, indicating what experts refer to as a broader strategy to undermine the technological and military strengths of democratic nations, particularly the United States.
The Japanese National Police Agency (NPA) has reported 210 such incursions since 2019, fueling calls for tougher legal frameworks and closer international coordination to protect critical infrastructure.
The NPA has observed that these increasing cyberattacks have been carried out in three phases.
The first phase lasted from December 2019 to July 2023. Government entities, think tanks, and the media were primarily targeted, indicating an attempt to sway policy and public sentiment.
The second phase, from February to October 2023, marked a shift toward semiconductors, manufacturing, and academic institutions, focusing on Japan’s technological hub.
The third phase, starting in June 2024, has seen a resurgence in targeting academia, politicians, and the media, reflecting an ongoing effort to influence public discourse and shape policies.
A high-profile target was the Japan Aerospace Exploration Agency (JAXA). Hackers exploited VPN vulnerabilities to break into its Microsoft 365 Cloud service, compromising around 200 employee accounts and exfiltrating over 10,000 files between 2023 and 2024, according to Japanese media.
Among the stolen data were details on JAXA’s Martian Moons Exploration (MMX) mission, part of the agency’s manned lunar program. This raises concerns about China using this information to advance its own Mars endeavors.
With the MMX program set to launch in 2026 and China’s Mars sample return missions slated for around 2028, both nations are racing to achieve historic breakthroughs.
In response to ongoing threats, Japan established a dedicated Cyber Defense Unit in March 2022 to monitor government networks around the clock. In the following year, Japan and the United States agreed to strengthen cybersecurity cooperation at the highest levels.
Su Tzu-yun, director of Taiwan’s Institute for National Defense and Security Research, recently told the Chinese edition of The Epoch Times that such measures would only be effective if they are backed by stronger legal frameworks and closer international coordination.
He said that current laws hinder the prosecution of state-backed hackers and the confirmation of their true identities. Su emphasized that tougher regulations and improved intelligence-sharing among democratic nations are essential to combat digital propaganda, sabotage, and data theft while upholding freedom of speech.
Similar CCP-backed cyberattacks have occurred in the United States in recent years.
In 2023, Chinese hackers breached networks related to the U.S. military’s operational capabilities, including those in Guam, a strategic location for potential military operations in the Asia–Pacific region.
The U.S. response has included sanctions on Chinese entities and a push for more aggressive cyber defense, led by agencies like the Cybersecurity and Infrastructure Security Agency working alongside private industry.
Cyber analyst Lin Tsung-nan, a professor at National Taiwan University, told The Epoch Times earlier this month that these campaigns are part of the Chinese regime’s “unrestricted warfare,” where intelligence gathering, social media manipulation, and infrastructure sabotage converge.
He noted that cyber theft offers China a low-cost way to acquire advanced technology from Japan and the West and highlighted the extensive pool of state-sponsored hackers the Chinese regime has assembled for that purpose.
As governments and private sectors prepare for increasingly sophisticated hacking techniques—amplified by emerging technologies—the stakes keep rising, Su said.
The ultimate goal, he said, is to safeguard not only state secrets and intellectual property but also to maintain public trust and protect democratic institutions against growing cyber threats.
