Dal quotidiano “THE JAPAN NEWS”: Japan’s highly-classified diplomatic cables leaked by China hackers

Japan’s highly-classified diplomatic cables leaked by China hackers

The Yomiuri Shimbun · 9 Feb 2024

The Foreign Ministry’s telecommunications system for official telegrams, including classified diplomatic information, was subject to cyber-attacks by China and sensitive information had been compromised, according to government sources.
In 2020, the U.S. government warned Japan of the hacking and asked it to take action. The Japanese side has since accelerated efforts to strengthen countermeasures by inspecting the computer networks of major government entities.
It is highly unusual for the system for official diplomatic telegrams, the confidentiality of which is of particular importance, to have been breached. The warning underlines Washington’s strong concerns about Japan’s cybersecurity.
According to the sources, the U.S. government informed Japan in the summer of 2020, when the late Prime Minister Shinzo Abe was in power, that the computer networks of Japanese diplomatic missions abroad had been breached by Chinese hackers. Although Washington did not disclose the specifics of the leaked information and how it learned of the cyber-attacks, it suggested that official telegrams between the Japanese Embassy in Beijing and the Foreign Ministry in Tokyo, among other parties, were being widely accessed by Chinese authorities.
At the time, then U.S. National Security Agency Director Paul Nakasone and other officials were prompted to visit Japan to meet with high-ranking Japanese government officials. Japanese and U.S. working-level officials also discussed how to respond to the matter.
As a result, the two countries agreed that Japan would improve vulnerable computer programs by having five bodies handling classified information — the Foreign Ministry, the Defense Ministry, the National Police Agency, the Public Security Intelligence Agency and the Cabinet Intelligence and Research Office — inspect their networks. The status of the improvements has since been shared between the two countries, while Washington has asked Tokyo to continue such inspections and efforts to reinforce cybersecurity.
Official telegrams include highly classified information that Japanese diplomats receive from foreign governments and other sources. To prevent an external breach, such information is sent and received via international IPVPN, a network that uses advanced encryption methods without going through the regular internet.
The Foreign Ministry has not disclosed any details about, or even the occurrence of, such a cyber-attack. The ministry’s Information and Communications Division, which supervises official telegrams, told The Yomiuri Shimbun that it refrains from making comments on this matter for information security reasons.
Regarding cyber-attacks on Japan, The Washington Post reported in August last year that Chinese military hackers had compromised the Japanese government’s computer networks which handle defense secrets. However, this is the first time that a breach of the Foreign Ministry’s system on diplomatic telegrams has been revealed.
To drastically strengthen its cybersecurity, the Japanese government aims to introduce a so-called active cyber defense system, in which information networks will be monitored during ordinary times to detect signs and prevent serious cyber-attacks.
HURDLES MUST BE CLEARED
Prime Minister Fumio
Kishida stressed the urgent need to improve Japan’s ability to mount an active cyber defense during Diet deliberations, telling the Feb. 1 session with party representatives in the House of Representatives that he would “speed up discussions to pass related bills as soon as possible.”
However, Kishida also said there were various issues that had to be considered from many points of view, “including connections with existing laws.”
The submission of related bills is therefore likely to be delayed to an extraordinary Diet session in autumn at the earliest.
Among the “connections with existing laws,” the highest hurdle is how to balance the bills’ aims with “the secrecy of any means of communication” guaranteed in the Constitution.
To detect and analyze the signs and origins of cyber-attacks, telecommunications records such as emails used for the attacks have to be submitted to the government. A system will have to be designed to handle such matters as how to obtain telecommunications records, the range of the information covered, and the creation of a related framework within the government. A wide range of laws — such as the Telecommunications Business Law, the Law on Prohibition of Unauthorized Computer Access and the Panel Code — will also have to be revised.
These issues are being considered by government officials led by Deputy Chief Cabinet Secretary Shunichi Kuryu, the top bureaucrat involved.
Some in the government have voiced concern, pointing out that the Kishida Cabinet’s approval ratings have been low. They fear that the administration will not survive if opposition parties campaign against the moves, as they did regarding passages of the Law on the Protection of Specially Designated Secrets and a package of security-related legislation.
However, current procedures
for responding to cyberattacks only allow countermeasures to be implemented after damage is noticed. This could lead to a situation in which system shutdowns and other problems throw society into confusion. Japan could suffer irreversible harm and losses.
U.S. Deputy National Security Advisor Anne Neuberger was interviewed by The Yomiuri Shimbun when she visited Japan in December to discuss how to enhance countermeasures and other matters with Japan. Neuberger leads cyber policies for the White House.
During the interview, Neuberger said cyber security is one of the core elements of Japan-U.S. cooperation, and the United States wants to collaborate with Japan as Washington makes significant efforts in that regard.
She also said it was possible for the two governments to detect threats while protecting citizens’ privacy, and that strengthening cyber security will actually protect personal information.
When Kishida visits the United States in April, cyber-related issues will likely be on the agenda in his meeting with U.S. President Joe Biden.
A growing number of Liberal Democratic Party lawmakers want the prime minister to demonstrate the political resolve to protect Japanese nationals and strengthen the bilateral alliance. (Feb. 6)