China hacks Japanese cybersecurity agency

Three anonymous high-ranking sources recently revealed to the Financial Times that cybercriminals sponsored by China infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC). The latter declared the intrusion was curtailed to an email breach (which it had disclosed early August 2023), effectively recognizing the incident.

However, the Financial Times’ sources mention a broader compromise, started in October 2022, which they claim the NISC only learned about in June 2023. The intrusion is believed to have enabled the cyberattack against the Nagoya seaport in early July 2023, which shut down port facilities for two days. The attack had previously been blamed on the LockBit ransomware gang.

The Financial Times’allegations follow similar revelations by the Washington Post in early August of 2023. Anonymous sources claimed that Chinese State-sponsored cybercriminals infiltrated the Japanese national security system in 2020 and remained there until 2022 or 2023. The NSA is claimed to have discovered the intrusion and informed the NISC.

The news comes at a very tense time in the region, with China’s threats against Taiwan and the strengthening of North Korea’s arsenal. According to the Financial Times, the United States, worried by the porous nature of Japanese strategic computer systems, is believed to now restrict the sharing of critical information with their ally.