Japanese Police Claim Chinese Military Behind Cyber Attacks

By Ashok Ramprasad | January 4, 2022
100
Chinese hackers backed by the PLA are engaged in many forms of cyber crime.
Chinese hackers backed by the PLA are engaged in many forms of cyber crime. (Image: NICOLAS ASFOURI/AFP via Getty Images)

Many countries across the world are facing a growing threat of cyberattacks and cyber espionage. When it comes to hacking, intellectual property theft, and other illegal acts in cyberspace, the Chinese communist regime is one of the biggest instigators of such crimes.

China’s cyber security attacks don’t just target the U.S. and Europe; neighboring countries like Japan have become victims. On Dec. 28, Japanese police secured an arrest warrant for a Chinese national who is suspected of carrying out a cyberattack on the Japan Aerospace Exploration Agency (JAXA). The attack is believed to be connected to the Chinese military.

According to police, the suspect has been identified as Wang Jianbin, a former international student. A senior Tokyo Metropolitan Police Department official told Nikkei Asia that in Wang’s case there was a “strong indication of military involvement.”  Law enforcement authorities in Japan have asked the International Criminal Police Organization to place the 36-year-old Wang, who has fled Japan, on the Interpol wanted list.

Wang was acting under the directions received from the wife of a member of the Chinese People’s Liberation Army’s (PLA) cyberwarfare Unit 61419. In Nov. 2016, Wang tried to illegally purchase advanced computer security software that is sold only to Japanese businesses. 

Police said that in order to enact the deal, Wang devised a fake company name and an alias. However, the company that sells the software found discrepancies in Wang’s application and refused the sale.

Meanwhile, police concluded that the Chinese military was using this strategy to obtain access to the software, identify loopholes in it, and use the know-how to launch cyberattacks and breach critical data. This is one of the latest scam operations involving the PLA.

Wang was also instructed by the PLA member’s wife to rent a server and share the ID and password. In 2016 and 2017, the server was allegedly used to launch cyberattacks on 200 Japanese companies and research institutions, including JAXA. Officials suspect that the attacks were carried out by “Tick,” a Chinese hacking group under the supervision of a Chinese military unit. 

In April this year, a Chinese systems engineer was referred to prosecutors by the Tokyo police on allegations that he had used a false identity to rent a server that was used for illegal activities. 

The police identified the man as a member of the Chinese Communist Party (CCP) who sought to benefit monetarily by exchanging the ID and password. However, police found no immediate ties between the CCP member and the Chinese military.

In the case of Wang, the police said that he was influenced by the military member through social media to “contribute to the state.” Another message that was relayed to him was “we have a powerful team.”

Apart from the above attacks, Japanese tech giant Fujitsu was forced to discontinue its ProjectWEB platform in early 2021 after hackers gained access to its systems and stole data from the Japanese government agencies. The attack affected the Japanese Ministry of Land, Infrastructure, Tourism, Transport, Narita International Airport, and the Cabinet Secretariat.

The latest attack on Japanese government agencies exposes the vulnerability in its systems. To address this issue, Japan is planning to set up a working unit within police authorities as well as a cyber command center. It is also cooperating with the Quad alliance to strengthen cyber defense capabilities.

Chief Cabinet Secretary Katsunobu Kato said that there have been no major reports of data leaks or damage from the attacks. The police are also analyzing the motives and techniques of the attackers and are also reviewing several other cyberattacks that they presume to be connected to China’s military.

Japanese authorities are worried that the threat to cybersecurity is growing, pushing companies to employ strict safety measures to protect their data from being hacked by Beijing. “There are more than a few cases in Japan in which ordinary Chinese are pressured into following orders by their government or the military,” a police source said.

According to The Japan Times, the Public Security Intelligence Agency (PSIA) also said in its annual report released on Dec. 31 that there has been a spate of cyberattacks aimed at stealing classified data from Japanese companies. The agency pointed to communist China, North Korea, and Russia as the main perpetrators of cybercrimes.