China’s PLA blamed for cyberattacks in Japan

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

The Chinese military is suspected of ordering hackers to attack hundreds of targets in Japan, including the country’s space agency and defense-related firms. Police sent papers to prosecutors on a Chinese Communist Party member on Tuesday on suspicion of forging digital records related to the cyberattacks.

The Tokyo Metropolitan Police Department says the Japan Aerospace Exploration Agency, or JAXA, suffered a cyberattack in 2016. The police identified a Chinese man who had leased several servers in Japan that were allegedly used in the attack.

The man, who is no longer in Japan, is said to be a computer engineer in his 30s. He allegedly rented servers five times under false names.

Investigative sources say the servers’ ID and other credentials were then passed on to a Chinese hacker group known as “Tick.”

Tokyo police suspect the Chinese People’s Liberation Army instructed Tick to stage cyberattacks in Japan. Sources say that about 200 companies and advanced research institutions, including Mitsubishi Electric and Keio University, were targeted.

A JAXA spokesperson told NHK that the space agency did experience unauthorized access, but suffered no data leaks or other damage.

Meanwhile, another Chinese man is also said to have rented several servers in Japan using fake identities. This was allegedly under the instruction of a member of unit 61419 — a bureau in charge of cyberattacks within China’s PLA.

Cyber security expert Iwai Hiroki says Tick is one of the private hacker groups that are believed to work under the instructions of China’s PLA and national security authorities. He says Tick became active in the early 2000s and is thought to target aerospace research entities through sophisticated attacks.