Japan says Chinese hackers have launched hundreds of attacks on targets in the country
- Japanese authorities confirm that a cyber campaign targeted government and infrastructure targets between 2019 and 2024
- The Chinese hacking group MirrorFace is believed to be behind the attacks
- The group has claimed a number of victims in recent years
The Japanese government has revealed that a series of more than 200 cyber attacks over the past five years are linked, and the prime suspect is the infamous hacking group MirrorFace.
The attacks targeted the country’s infrastructure and reportedly aimed to steal Japanese national security and advanced technological data.
The National Police Agency (NPA) confirmed that analysis of the targets, methods and infrastructure could link hundreds of attacks between 2019 and 2024 to targets including Japan’s foreign and defense ministries, the country’s space agency and individuals, including politicians. journalists and private companies.
Japan’s infrastructure is at risk
The MirrorFace group, also known as Earth Kasha, most often targets companies and individuals, but has recently been observed to be involved in a spearphishing campaign targeting researchers and government employees, luring victims with fake documents detailing relations between the US and China are discussed.
MirrorFace’s spearphishing campaign involved sending emails containing malware attachments sent to individuals and organizations to view data stored on computers between December 19 and July 2023, primarily from Outlook and Gmail addresses with stolen identities, the NPA investigation showed.
Experts have raised concerns about Japan’s cyber vulnerabilities, especially given the country’s recent push to develop its military and defense capabilities and cyber defenses.
Japan recently faced DDoS attacks from pro-Russian hackers targeting government and political entities, following the strengthening of Japan’s military alliance with the United States. These attacks were disruptive and highlighted the growing risk of politically motivated cyber attacks.
Japanese companies, including Casio, NTT Docomo and Japan Airlines, have all been targets of cyber attacks in recent months, but the vulnerability of state infrastructure is perhaps the most worrying.
Via ABC News