The sources have opted to remain anonymous, but a group of former US military officials have told Washington Post reporters that Chinese hackers deeply penetrated Japanese military networks in 2020 and appeared to dwell there for about a year.
Japan has not confirmed the incident and it remains unknown exactly how bad the damage is, but Military readiness and supply information was reportedly targeted and the incident may have shaped US information sharing policies with its primary ally in China’s backyard.
China’s campaign of targeting military networks centered on Taiwan, South China Sea
The report follows news that Chinese hackers may have planted malware throughout US military networks, though the Japanese campaign looks to have started at an earlier date.
The extent of China’s plans are still unclear. There is obvious conflict over Taiwan, but China makes claims throughout the Pacific that infringe on islands and waters that other assorted nations call their own. Malware was found in Guam targeting US bases there, possibly waiting for activation to slow down military deployments to the region.
The major US military allies in the region, such as Japan and South Korea, are necessarily drawing together to counter this mutual threat. However, these collaborations may be hampered by lack of trust in US intelligence agencies, which have repeatedly been caught spying on allies. The US offers to help allies with its advanced cyber capabilities, but as Japan demonstrated they are sometimes hesitant to accept offers that involve access to military networks or other sensitive systems.
US offers aid to victims of Chinese hackers, but prior spying makes allies cautious
The US Cyber Command has provided assistance to many other nations victimized by state-backed Russian and Chinese hackers, but some countries refuse that assistance as they perceive the US as simply being the next in line to commit espionage if given access to military systems.
The situation with Japan is exacerbated by the fact that the NSA would not reveal how it knew the Chinese hackers were in the defense networks, as it might compromise their own sources or operations. While the Japanese government received its initial briefing on the situation in fall 2020 and appeared to take it seriously, it would take until fall 2021 before it would be fully addressed. The delay was caused in no small part by this lack of trust, as Japan ultimately set up a domestic team to work indirectly with NSA and Cyber Command advisors to chase the Chinese hackers out of military systems.
That may in turn erode trust at the other end, as the US becomes more hesitant to share sensitive intelligence with Japan for fear that Chinese hackers will intercept it. To bolster its own security and confidence, Japan has since set up its own Cyber Command and committed several billion dollars to national cyber defense over the next few years. But the incident leaves serious questions about exactly what degree of chaos will erupt in the Pacific if China ever opts to go on a full cyber offensive.