In the fall of 2020, the National Security Agency made an alarming discovery: Chinese military hackers had compromised classified defense networks of the United States’ most important strategic ally in East Asia. Cyberspies from the People’s Liberation Army had wormed their way into Japan’s most sensitive computer systems.
The hackers had deep, persistent access and appeared to be after anything they could get their hands on — plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current and former U.S. and Japanese officials interviewed, who spoke on the condition of anonymity because of the matter’s sensitivity. “It was bad — shockingly bad,” recalled one former U.S. military official, who was briefed on the event, which has not been previously reported.
Tokyo has taken steps to strengthen its networks. But they are still deemed not sufficiently secure from Beijing’s prying eyes, which, officials say, could impede greater intelligence-sharing between the Pentagon and Japan’s Defense Ministry. The 2020 penetration was so disturbing that Gen. Paul Nakasone, the head of the NSA and U.S. Cyber Command, and Matthew Pottinger, who was White House deputy national security adviser at the time, raced to Tokyo. They briefed the defense minister, who was so concerned that he arranged for them to alert the prime minister himself.
Beijing, they told the Japanese officials, had breached Tokyo’s defense networks, making it one of the most damaging hacks in that country’s modern history.
The Japanese were taken aback but indicated they would look into it. Nakasone and Pottinger flew back “thinking they had really made a point,” said one former senior defense official briefed on the matter.Back in Washington, then-President Donald Trump was busy contesting Joe Biden’s election victory, and administration officials were preparing for a transition. Senior national security officials briefed incoming national security adviser Jake Sullivan during the handoff, but the incoming Biden administration faced a swirl of issues — including how to deal with a major Russian breach of U.S. agency networks discovered during the Trump administration — and some U.S. officials got the sense the Japanese just hoped the issue would fade away.
By early 2021, the Biden administration had settled in, and cybersecurity and defense officials realized the problem had festered. The Chinese were still in Tokyo’s networks.
Since then, under American scrutiny, the Japanese have announced they are ramping up network security, boosting the cybersecurity budget tenfold over the next five years and increasing their military cybersecurity force fourfold to 4,000 people.
Read more here.