The breach and the US warnings were reported earlier by The Washington Post, which cited multiple current and former US and Japanese officials it didn’t identify.
Yasukazu Hamada, Japan’s defence minister, declined to comment on the Washington Post report, telling reporters in Tokyo on Tuesday that it does not comment on individual cyberattacks and how they are handled.
“I won’t comment on the details due to the nature of the matter,” Hamada said. “We have not confirmed that classified information held by the defence ministry has been leaked due to a cyberattack.” The Japanese embassy in Washington didn’t immediately respond to messages requesting comment.
Tensions between the US and China are increasing due in part to concerns of a potential Chinese attack on Taiwan, which would likely be accompanied by cyberattacks, particularly in the early stages.
Beijing regards the island as a breakaway province to be brought under mainland control – by force, if necessary. Many countries, including the US, do not officially recognise Taiwan as an independent state but oppose the use of force to change the status quo.
In 2019, the US and Japan agreed that a cyberattack against either country in Japan could, in certain circumstances, constitute an armed attack. The US has about 56,000 troops based in Japan, according to the US Defence Department.
In August 2021, Yasuhide Nakayama, who was then Japan’s state minister of defence, said he and Nakasone were “opening a new chapter in our joint efforts in cyberspace” as part of a visit to US Cyber Command to discuss security challenges in cyberspace and bilateral cooperation, according to US Cyber Command.
Japan established a Cyber Defence Group in 2014, as part of its Self-Defence Forces.
But amid a growing spate of cyberattacks, it reorganised and launched a full cyber defence command in March 2022, along with a commitment to engage in offensive cyber operations and plans to expand to 4,000 people by the end of 2027, according to Japan’s Ministry of Defence.
In addition to visits to Japan by both Nakasone and Neuberger, then National Cyber Director Chris Inglis also visited Japan in December 2022.
In a statement, the US Defence Department described the US-Japan Alliance as the cornerstone of peace and security in the Indo-Pacific and said it was strengthening cyber cooperation as part of “alliance modernisation efforts”.
In January, the US and Japan agreed to “intensify collaboration to counter increasingly sophisticated and persistent cyber threats” following security talks to strengthen the alliance in Washington.
“The United States welcomed Japan’s initiatives to bolster its national cybersecurity posture,” said a joint statement, citing the creation of a new organisation to coordinate whole-of-government cybersecurity policies and a new framework set to “provide a foundation for a wider range of US-Japan cooperation.”