When you purchase through links on our site, we may earn an affiliate commission. This doesn’t affect our editorial independence.
Japan’s National Police Agency (NPA) has attributed more than 200 cyberattacks over the past five years to the Chinese state-affiliated hacking group “MirrorFace.” These espionage-related attacks targeted Japanese national security and technology information, including politicians, journalists, and defense and foreign ministries.
The hackers used various tactics, such as email phishing attacks with malware disguised as invitations to panels, and exploiting existing VPN flaws to target aerospace institutions and semiconductor firms. One notable attack breached the Microsoft 365 cloud accounts of 207 staff members at the Japan Aerospace and Exploration Agency (JAXA), including its president and executives.
China’s Foreign Ministry has denied the allegations, stating that China opposes and fights all forms of hacker attacks and does not politicize cybersecurity issues. However, the NPA’s findings suggest a significant and targeted cyberattack campaign by the MirrorFace group.
The National Police Agency said its analysis on the targets, methods and infrastructure of the cyberattacks by MirrorFace from 2019 to 2024 concluded they were systematic attacks linked to China with an aim of stealing data on Japanese national security and advanced technology.
The targets of the Chinese government-led cyberattacks included Japan’s Foreign and Defense ministries, the country’s space agency and individuals including politicians, journalists, private companies and think tanks related to advanced technology, the NPA said.
