Classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Foreign Ministry in 2020, a government source said Monday, exposing the nation’s digital vulnerability.
Japan detected the large-scale attack and release of diplomatic telegrams during a period of government under then Prime Minister Shinzo Abe, the source said, but the nature of the leaked information is still publically unknown.
Tokyo and Washington discussed countermeasures in the wake of the leak of the diplomatic telegrams, which are highly confidential documents exchanged daily between the ministry and diplomatic missions abroad, the source said.
The diplomatic telegrams were sent via an encrypted Internet Protocol Virtual Private Network, or IP-VPN, according to the source. The use of this kind of network is critical in the transfer of sensitive data.
Japanese Chief Cabinet Secretary Yoshimasa Hayashi said at a press conference that the government of Prime Minister Fumio Kishida has not confirmed that secret Foreign Ministry information was accessed through the cyberattacks.
The ministry “has routinely worked to maintain and strengthen cybersecurity,” Hayashi, the top government spokesman, added.
Japan has lagged behind other developed countries in the development of its cybersecurity defenses, causing great concern to its close security ally the United States. Washington has urged Tokyo to improve its cybersecurity capabilities.
In its National Security Strategy updated recently, Japan pledged to introduce “active cyber defense” to eliminate in advance the possibility of serious cyberattacks that could threaten “national security and critical infrastructure.”
But bills to implement a more active approach to cyber defense have not been submitted to parliament as discussions on the issue have stalled, with fears lingering that such a move could violate the nation’s Constitutional guarantee on the secrecy of communications.
Among other governmental offices that have suffered cyberattacks, the Japan Aerospace Exploration Agency was likely targeted by an attack last year, but no sensitive information on rockets or satellites was accessed.
In August, the government’s National Center of Incident Readiness and Strategy for Cybersecurity said it found that email addresses and other information might have been leaked as a result of unauthorized external access.