TOKYO (AP) — Japan has officially linked over 200 cyberattacks between 2019 and 2024 to a Chinese hacking group known as MirrorFace, targeting its national security and high technology data. The National Police Agency (NPA) detailed these systematic attacks on Wednesday, urging both government agencies and businesses to strengthen their cyber defenses (AP News).

The targeted entities included crucial sectors such as Japan’s Foreign and Defense ministries, the nation’s space agency, and numerous individuals including politicians, journalists, and experts from advanced technology sectors. Experts have continuously raised concerns about Japan’s vulnerability in cybersecurity, particularly as the country enhances its defense posture in collaboration with the United States and other allies. While some steps have been taken to bolster security, further measures are deemed necessary.

MirrorFace primarily utilized phishing techniques, sending malicious emails with attachments to breach targets, often impersonating trusted contacts via platforms like Gmail and Microsoft Outlook. The emails typically featured subject lines that included strategic terms like “Japan-U.S. alliance” and “free and open Indo-Pacific,” and often invited recipients to panels discussing these critical topics (SCMP).

In addition to email phishing, the hackers exploited vulnerabilities in virtual private networks (VPNs) to access sensitive information from organizations in areas including aerospace, semiconductors, and communications from February to October 2023. Noteworthy incidents include a cyberattack on the Japan Aerospace and Exploration Agency (JAXA), which, although it did not compromise sensitive defense-related data, acknowledged multiple cyber threats since the beginning of this year.

Japan has seen other disruptions due to cyberattacks, such as last year’s significant incident that disrupted operations at a container terminal in Nagoya for three days, as well as a cyberattack on Christmas that delayed over 20 domestic flights for Japan Airlines. Fortunately, swift actions by the carrier mitigated the impacts on overall flight safety.

As Japan continues to enhance its cybersecurity infrastructure, experts emphasize the necessity for improved strategies to combat such persistent cyber threats.