ANALYSIS: Chinese Hackers Breach Japan’s Classified Network, Target Multiple Nations

China currently poses the world’s most significant cyber threat, according to American cybersecurity authorities.
ANALYSIS: Chinese Hackers Breach Japan’s Classified Network, Target Multiple Nations
A member of the hacking group Red Hacker Alliance who refused to give his real name, uses a website that monitors global cyberattacks on his computer at their office in Dongguan, Guangdong Province, China, on Aug. 4, 2020. Nicolas Asfouri/AFP via Getty Images
Sean Tseng
Updated:
0:00

Chinese hackers penetrated Japan’s national internal network system, used by diplomats to transmit confidential government documents, two years ago. The breach potentially exposed a vast amount of sensitive information. In response, Japan has joined forces with the United States to bolster its cyber defenses.

The incident is part of a broader pattern, with Chinese cyber operatives frequently targeting not only the United States but also the Netherlands, the Philippines, and other nations. According to American cybersecurity authorities, China currently poses the world’s most significant cyber threat.

On Feb. 5, officials from the Japanese government announced that the Ministry of Foreign Affairs’ internal secure network, responsible for handling diplomatic secrets, was compromised by cyberattacks attributed to the Chinese military.
During a press conference held on the same day, Yoshimasa Hayashi, the chief cabinet secretary of Japan, was questioned about a cyber intrusion into the Ministry of Foreign Affairs. He responded that the sensitive nature of the incident precluded him from commenting. Nevertheless, he said that, thus far, the Ministry of Foreign Affairs had not detected any breaches of information.
The cyberattack, which took place in 2020, was identified by the U.S. government, which immediately alerted Japan and advised them to implement countermeasures. This led to a comprehensive review and fortification of network systems across major Japanese government agencies.

The successful hacking of Japan’s highly secure internal network system, which operates as a closed circuit separate from the international internet, is exceptionally rare. The network, utilizing the “International IP Virtual Private Network” for encrypted communication, is crucial for conveying confidential information gathered by Japanese diplomats from foreign governments.

In the summer of 2020, the United States informed Japan of China’s intense scrutiny of the network connecting Japan’s overseas embassies. The exact nature of the information compromised and the method of detection of the cyberattack remain undisclosed. Nevertheless, it is suspected that communications between the Japanese Embassy in Beijing and the Japanese Ministry of Foreign Affairs were extensively accessed by Chinese hackers.

NSA Uncovers Extensive Chinese Cyber Espionage on Japan’s Defense Networks

The U.S. National Security Agency (NSA) has unearthed alarming activities by hacker groups affiliated with the Chinese military aimed at penetrating Japan’s secret defense networks. These cyber intrusions were focused on gathering detailed information about Japan’s military strategies, capabilities, and vulnerabilities. A former U.S. military officer characterized the gravity of these breaches as “shockingly bad,” while an NSA official labeled it “one of the most damaging hacks in that country’s modern history.”

In light of these grave discoveries, NSA director Paul Nakasone, alongside other American officials, urgently traveled to Japan for discussions with top Japanese government figures. The bilateral talks focused on devising strategies to address and secure against the vulnerabilities within the network systems of critical Japanese institutions, including the Ministry of Foreign Affairs, the Ministry of Defense, the National Police Agency, the Public Security Intelligence Agency, and the Cabinet Intelligence and Research Office.

Washington has voiced concerns over the potential spill-over effect of such breaches, fearing that American secrets intertwined with Japan’s security network could also be compromised. Consequently, the United States has urged Japan not only to share its improvements but also to persistently enhance its cyber defense mechanisms. In response to these developments, Japan has committed to a comprehensive overhaul of its cyber defenses to prevent similar incidents in the future.

In response to inquiries about these cybersecurity breaches, a spokesperson for the Chinese Ministry of Foreign Affairs claimed to be unaware of the allegations. This was later followed by official documents from China criticizing Japan.

The Philippines also reported thwarting an attempt by Chinese hackers to breach the website of the Philippine president and the government’s email system in January of this year. Jeffrey Ian Dy, the deputy minister of the Philippines’ Department of Information and Communications Technology, confirmed that the cyberattack originated from China.
Moreover, on Feb. 6, the Netherlands’ Military Intelligence and Security Service and the General Intelligence and Security Service reported that Dutch military networks were compromised by Chinese hackers in 2023. This incident was highlighted as part of a broader pattern of Chinese espionage activities targeting the Netherlands and its allies, underlining the global scope of China’s cyber espionage efforts.

FBI Director Highlights Chinese Cyber Threats to US Infrastructure

In a stark warning during his congressional testimony on Jan. 31, Christopher Wray, director of the Federal Bureau of Investigation (FBI), highlighted the ongoing cyber threats from Chinese government-supported hacker groups targeting critical American infrastructure. The threats encompass key sectors such as water treatment facilities, power grids, and transportation systems, with the potential to cause significant harm to U.S. citizens and communities if the Chinese government opts to activate these attacks.
FBI Director Christopher Wray testifies during a congressional hearing on the CCP Cyber Threat to the American Homeland and National Security in Washington, on January 31, 2024. (Photo by Julia Nikhinson/AFP via Getty Images)
FBI Director Christopher Wray testifies during a congressional hearing on the CCP Cyber Threat to the American Homeland and National Security in Washington, on January 31, 2024. Photo by Julia Nikhinson/AFP via Getty Images

This alert represents the most direct warning yet from the FBI director regarding the cyber threat posed by China to the United States, underscoring the severity and immediacy of the risk to national security.

In an operation that underscores the extent of the threat, the U.S. Department of Justice, in collaboration with the FBI, was able to neutralize the cyber operations of a Chinese hacker group known as “Volt Typhoon.” This group is part of a broader network focused on penetrating Western critical infrastructures, including naval facilities, internet service providers, and essential utilities like water, electricity, and natural gas sectors.

“Volt Typhoon” employs a strategy that exploits unsecured internet-connected devices worldwide, such as routers, modems, and cameras, to conceal their presence and gain control over these devices. The network is then leveraged to launch attacks on more vulnerable and critical downstream targets.

Mr. Wray emphasized that Chinese hackers pose a daily threat to America’s economic security by stealing vast quantities of intellectual property and personal data. This cyber espionage significantly undermines U.S. technological and economic advancements.

The Epoch Times’ special publication “How the Specter of Communism Is Ruling Our World” further elaborates on the issue, uncovering the CCP’s engagement in extensive espionage to technologically outpace the United States.
The publication suggests that 90 percent of cyber espionage activities targeting the United States originate from China, with the CCP’s cyber infiltration efforts extending to major U.S. corporations and military establishments. This strategy aims to misappropriate technologies and knowledge that the CCP cannot independently develop, including advanced drone technology, which was reportedly stolen from the United States.

Cybersecurity Experts: China is the Premier Global Cyber Threat

In a comprehensive analysis by American cybersecurity experts in June 2021, it was revealed that China’s cyber threat capabilities have significantly and rapidly expanded over the last decade, positioning it as the foremost global cyber threat. The collaboration between the Chinese military and its Ministry of State Security plays a pivotal role in orchestrating cyberattacks, with cyber espionage emerging as a key instrument in China’s strategic rivalry with the United States.

The Insikt Group, a U.S. cybersecurity research firm, reported that the hacker group RedFoxtrot, linked to Chinese military intelligence operations in Urumqi, Xinjiang, is believed to be part of Unit 69010 of the Chinese military. This unit, implicated in a series of cyberattacks aimed at Central Asian nations since 2014, underscores its strategic importance to China’s cyber warfare efforts.

Unit 69010, considered a component of the Chinese military’s Strategic Support Force specializing in information and cyberspace warfare, has been instrumental in conducting cyber operations against critical infrastructures over the past decade, according to Morgan Wright, a former senior adviser to the U.S. State Department’s Antiterrorism Assistance Program.

China’s cyber warfare capabilities have evolved rapidly, boasting an estimated force of 25,000 military personnel divided among various units, including Unit 69010, which primarily targets countries in China’s vicinity.

James Lewis, director of the Strategic Technologies Program at the Center for Strategic and International Studies, highlighted that China has engaged in cyber espionage for two decades. In the initial years of widespread high-speed internet access, Chinese efforts to steal intellectual property were detected targeting U.S. government entities, the Department of Defense, and private sector companies.

China has also utilized cyber espionage to monitor and suppress Chinese human rights activists, a practice that continues today. This long-term engagement in cyber activities underscores China’s commitment to leveraging cyber espionage as a critical tool in its geopolitical and strategic ambitions.

Broader Context of Chinese Cyber Operations

In March 2021, the Chinese hacker group Hafnium conducted extensive cyber operations against the United States, compromising data and impacting as many as 250,000 entities, including government agencies, businesses, and educational institutions. This incident is part of a broader pattern of aggressive cyber activities by Chinese military-affiliated groups against foreign targets.

As far back as June 2014, an American cybersecurity firm identified Unit 61486 of the Chinese military based in Shanghai. This unit has been particularly focused on infiltrating government, defense, aerospace, and satellite organizations in the United States, Europe, and Japan through sophisticated cyber espionage campaigns.

Investigations by U.S. agencies have uncovered over 20 Chinese hacker groups, with a majority linked to the military, underscoring the state-sponsored nature of these cyber operations. The recent cyberattacks on Japan, while not explicitly attributed, bear the hallmarks of being orchestrated by such specialized military units, considering their strategic focus on key national sectors.

In a significant policy statement in June 2011, the U.S. Department of Defense declared that cyberattacks on critical U.S. infrastructure—such as nuclear facilities, transportation systems, and energy pipelines—that pose a risk to public safety could be deemed acts of war by a foreign military. This stance reflects the serious implications of cyber warfare on national security and international relations.
The Epoch Times’ special publication “How the Specter of Communism Is Ruling Our World” highlights the analysis of Michael Pillsbury, an esteemed American expert on China, who argues that the CCP harbors a long-term strategy aimed at undermining the U.S.-led global economic and political order. According to Mr. Pillsbury, the ultimate goal of the CCP is to achieve global dominance by the time it celebrates its centennial anniversary, leveraging various tactics, including cyber espionage, to fulfill this ambition.