Japan’s National Police Agency (NPA) has attributed more than 200 cyberattacks over the past five years to the Chinese state-affiliated hacking group “MirrorFace.” These espionage-related attacks targeted Japanese national security and technology information, including politicians, journalists, and defense and foreign ministries.
The hackers used various tactics, such as email phishing attacks with malware disguised as invitations to panels, and exploiting existing VPN flaws to target aerospace institutions and semiconductor firms. One notable attack breached the Microsoft 365 cloud accounts of 207 staff members at the Japan Aerospace and Exploration Agency (JAXA), including its president and executives.
China’s Foreign Ministry has denied the allegations, stating that China opposes and fights all forms of hacker attacks and does not politicize cybersecurity issues. However, the NPA’s findings suggest a significant and targeted cyberattack campaign by the MirrorFace group.