Key facts
- Japan's Ground Self-Defense Force used USB drives infected with a virus linked to Chinese hackers.
- The infected drives were connected to computers with access to classified information.
- The breach went undisclosed for nearly a year.
- A Nikkei investigation uncovered the cybersecurity lapse.
- Over 200 cyberattacks in the past five years have been linked to the Chinese hacking group MirrorFace.
- Japan is sharing cyber threat intelligence with NATO member countries.
Japan's Ground Self-Defense Force utilized USB drives containing a virus believed to be linked to Chinese hackers on computers that held classified information for nearly a year. This occurred without disclosure, despite similar infected memory sticks being readily available online, according to a Nikkei investigation.
A separate investigation by Japan's National Police Agency linked over 200 cyberattacks between 2019 and 2024 to a Chinese hacking group known as MirrorFace. These systematic attacks aimed to steal data related to Japan's national security and advanced technology, targeting entities including the Foreign and Defense ministries, the country's space agency, and individuals and organizations involved in advanced technology.
Experts have expressed ongoing concerns about Japan's cybersecurity vulnerabilities, particularly as the nation enhances its defense capabilities and collaborates more closely with international partners like the United States. In response, Japan has begun sharing intelligence on cyber threats, including malware used by China, North Korea, and Russia, with NATO member countries to bolster cyber defenses.