Japan’s cybersecurity failures duly noted in the West

A powerhouse of technological innovation, Japan is rightly recognized as a global leader in industrial automation, robotics, biomedical research, and artificial intelligence. However, outdated security infrastructure, a rapidly evolving cyber threat and a culture of sovereign pride undermine these achievements.

In autumn 2022, Chinese state-backed hackers compromised Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) system in a sustained attack that lasted until June 2023. The discovery of the breach couldn’t have come at a worse time — Tokyo is keen to deepen its military cooperation with the US, UK and regional allies.

Now, government cyber security experts in these nations are expressing reservations about Japan’s ability to handle data safely. Inflamed geopolitical tensions in the region aren’t helping — independence advocate Lai Chine-te’s victory in Taiwan’s presidential elections has seen the People’s Liberation Army staging the largest military maneuvers in weeks. This is a move the US will be keeping a close watch on.

While it was unclear exactly what data was compromised by the hackers, it is almost certain the state-funded “BlackTech” is infiltrating routers to gain undetectable backdoor access to the networks of companies in the US and Japan. The re-routes have been confirmed by the US National Security Agency, Federal Bureau of Investigation and Japanese police jointly during a cybersecurity advisory late in September 2023.

These Border Gateway Protocol (BGP) re-routes fall under the Harvest Now, Decrypt Later (HNDL) threat — where malicious actors collect and store sensitive encrypted data with the intention of cracking it later by using powerful quantum computers.

HNDL