Japanese government sources confirm Chinese hackers stole classified diplomatic information during 2020 cyberattack
A source who spoke with Kyodo News has confirmed that classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Ministry of Foreign Affairs in 2020.
During the administration of the late Prime Minister Shinzo Abe, the Kyodo News source reported that the Japanese government detected a large-scale attack and release of diplomatic telegrams. The nature of the leaked information is still unknown.
The diplomatic telegrams were leaked outside of government servers through an encrypted Internet Protocol Virtual Private Network, or IP-VPN. The use of this kind of network is critical in the transfer of sensitive data.
At a press conference following the revelation, Chief Cabinet Secretary Yoshimasa Hayashi said the government of Prime Minister Fumio Kishida has not confirmed that secret Foreign Affairs Ministry information was accessed through the cyberattack.
"[The ministry] has routinely worked to maintain and strengthen cybersecurity," said Hayashi.
The revelation of the cyberattack has highlighted how Japanese cybersecurity infrastructure has lagged behind that of other developed nations, causing great concern not just for the government in Tokyo but also for its close ally, the United States, which regularly urges Japan to improve its cybersecurity capabilities.
In its recently updated National Security Strategy, Japan has pledged to introduce an "active cyber defense" regimen to eliminate in advance the possibility of serious cyberattacks that could threaten "national security and critical infrastructure."
But government-sponsored bills to implement a more active approach to cybersecurity have not been submitted to parliament, as discussions on the issue have stalled, with fears lingering that such a move could violate Japan's constitutional guarantee on the secrecy of communications.
CCP-backed hackers targeting governments worldwide
Unfortunately, Japan is not the only recent victim of a cyberattack with ties linking back to China and the CCP.
The Military Intelligence and Security Service (MIVD) of the Ministry of Defense of the Netherlands confirmed that a Chinese cyber espionage group breached its servers late last year and deployed malware on compromised devices.
Fortunately, the Dutch Defense Ministry said that despite being able to "backdoor" the hacked devices, the damage from the breach was limited due to network segmentation.
"The effects of the intrusion were limited because the victim network was segmented from the wider Ministry of Defense networks," said MIVD and the General Intelligence and Security Service, the main Dutch intelligence agency, in a joint report. "The victim network had fewer than 50 users. Its purpose was research and development of unclassified projects and collaboration with two third-party research institutes. These organizations have been notified of the incident."
A follow-up investigation revealed that the Chinese hackers used a previously unknown malware strain codenamed Coathanger, a remote access trojan designed to infect FortiGate firewall network security appliances. The Coathanger implant was reportedly "persistent," being able to remain on the infected devices after multiple reboots "by injecting a backup of itself in the process responsible for rebooting the system."
In the Philippines, the Department of Information and Communications Technology (DICT) reported that hackers operating in China attempted to break into websites and email systems belonging to Philippine President Ferdinand Marcos Jr. and other government agencies, including the website of the government maritime security watchdog the National Coast Watch Center.
"We are not attributing this to any state. But using the internet protocol addresses, we pinpointed it to China," said DICT spokesperson Renato Paraiso, who reported that the unsuccessful hacking operations occurred sometime in January. "We are appealing to the Chinese government to help us prevent further attacks."
The Philippines is currently working on a five-year cybersecurity strategy to strengthen its cyber defenses to combat cyberattacks and domestic digital crimes, a program that includes the creation of a military cyber command.
The thwarted cyberattacks came at a time of heightened tensions between Manila and Beijing, largely over disputed territory in the South China Sea.
China continues trying to hack into critical U.S. infrastructure
In the U.S., a monthlong government effort to fight a pervasive Chinese hacking operation that compromised thousands of internet-connected devices is currently underway. The Department of Justice and the Federal Bureau of Investigation have made this operation public after they sought and received legal authorization to remotely disable aspects of the Chinese hacking campaign.
"China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities," said FBI Director Christopher Wray. "Low blows against civilians are part of China's plan."
The main CCP-linked hacking group in question is known as Volt Typhoon, a group which has alarmed intelligence officials who say that it is part of a broader CCP-led effort to compromise critical infrastructure in the Western world, including naval ports, internet service providers and utilities networks like water and electricity.
Volt Typhoon's U.S. activities first came to light in May 2023, when Microsoft revealed it had been tracking Volt Typhoon intrusions at communications and transportation infrastructure, among other critical infrastructure, in U.S. states and Guam. Since then, Volt Typhoon has only expanded the scope of its operations.
If it successfully breaches critical infrastructure, national security experts warn that China could remotely disrupt important facilities in the Indo-Pacific region that in some form either support or service U.S. military operations. This could, for example, keep the U.S. at bay for long enough in case of a Chinese invasion of Taiwan or if other Chinese territorial disputes turn into larger firefights with countries like Japan, the Philippines or Vietnam.