A breach of Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) is generating heightened concern among allies and intelligence agencies. The security intrusion, first discovered in June 2023 but believed to have initiated in October 2022, was publicly disclosed by NISC earlier last month. Although NISC has not officially attributed the breach to any group, anonymous sources familiar with the situation point toward state-backed Chinese hackers as the culprits.
These sources spoke to the Financial Times and include high-ranking government officials and industry insiders. They suggest that this breach could be part of a systematic campaign by Chinese hackers to assess Japan’s cyber defenses. This has provoked intense scrutiny given the current geopolitical tensions, particularly over Taiwan and the broader Indo-Pacific region.
Email conversations were exposed during the breach, leaving the door open for targeted phishing and social engineering attacks. NISC issued a follow-up statement warning the public about “suspicious phone calls and emails” that could exploit the compromised information.
“NISC staff will not ask you for personal information by phone or email, nor will we ask you to access any website (URL) in connection with that,” the report read.
Interestingly, the July cyberattack on the Port of Nagoya, initially attributed to the Lockbit ransomware group, is also now considered by insiders to be part of China’s broader hacking campaign against Japan. The Nagoya port attack had halted operations for approximately two days.
The timing of the NISC breach is sensitive, given that Japan is one of the United States’ most significant military partners in the Indo-Pacific. An August report from the Washington Post stipulates that U.S. officials may re-evaluate the scope of intelligence sharing with Japan.
In a bid to fortify its cyber defenses, Japan has announced significant changes. The country plans to boost its cybersecurity budget by 1,000% and expand its cybersecurity force from 900 to 4,000 members in the next five years. However, whether these measures will reassure western allies and effectively protect against future cyber threats remains uncertain.