How Will Japan’s Cybersecurity Posture Impact its Relations With China?
Japan’s new Kishida government seeks to bolster the national response to cyber threats from China, the country’s largest export market. What could go wrong?
Japan’s relations with China are underpinned by a delicate balance of economic and national security interests. According to data from the Japan External Trade Organization, China is Japan’s largest trading partner, to which it exported more than $141 billion worth of goods in 2020, compared with $118 billion to the United States. Yet, as highlighted by Japan’s Ministry of Defense, China is also Japan’s most significant geopolitical challenge, a concern shared by the country’s new Prime Minister Kishida Fumio.
On October 4, the same day he was sworn into office, Kishida announced the establishment of a new ministerial position responsible for economic security, designed to address strategic threats from China, including those in the cyber domain. How Japan responds to cyber threats from China through its current national cybersecurity posture has implications for the complex relationship between the two countries.
China’s Cyber Threats to Japan
Many cyber operations targeting Japanese organizations have been attributed to advanced persistent threat (APT) groups with alleged ties to China’s military and intelligence apparatus. One example is the long-standing global cyberattack campaign targeting Japanese organizations conducted by the APT group coded named “Cicada,” which was uncovered by cybersecurity firm Symantec in 2020.
Most of the known cyber operations impacting Japan and attributed to China have focused primarily on espionage and cybercrime, such as sensitive data breaches and intellectual property theft. More sinister destructive attacks targeting critical infrastructure, such as Russia’s alleged shutdown of Ukraine’s power grid in December 2016, have not yet taken place or been successful in Japan.
Japanese companies are also vulnerable to cyber threats from compromised technology components or code from China embedded within their hardware or software supply chains, especially in strategic industries such as semiconductors and drones. In 2021, the popular Japanese messaging platform LINE revealed that subcontractors in China had access to its Japan-based servers containing personal data of its 86 million users and that monitoring functions were also outsourced to another China-based firm. Insider threats from Chinese nationals working or studying at Japanese institutions in Japan have also raised concerns among Japanese policymakers, especially given the national security and cybersecurity risks if these students and employees have privileged access to sensitive information and critical systems.
Japan’s Response to China’s Cyber Threats
Japan’s posture toward China in cyberspace is an extension of the country’s existing cybersecurity activities, which have been evolving over the last two decades. At present responsibility and authority for Japan’s cybersecurity at the national level is distributed and shared among various government ministries and departments such as the Ministry of Defense, Ministry of Foreign Affairs, and National Police Agency. The National center of Incident readiness and Strategy for Cybersecurity (NISC) acts as a coordinating body for cybersecurity across the government, including the national computer emergency response (CERT) team, and publishes numerous cybersecurity strategies, standards, and plans.
To mitigate against China’s cyber threats in the military realm, the Ministry of Defense has emphasized boosting and consolidating the cybersecurity capabilities of Japan’s Self-Defense Forces through a new Cyber Defense Command and invested 35.7 billion yen ($341 million) for improved cybersecurity training and technology during fiscal year 2021, a significant 39.4 percent increase from 2020. However, Articles 9 and 21 of Japan’s post-war pacifist constitution prevent the SDF from engaging in pre-emptive warfare and domestic surveillance respectively. This limits the Ministry of Defense’s development and implementation of a holistic cybersecurity strategy toward China that would include offensive cyber and domestic intelligence capacities.
Alongside the Ministry of Defense, Japan’s National Police Agency has also announced plans to establish a new bureau and team focused on addressing serious cyber threats, explicitly citing those posed by China and other nation-states. This follows a major cyber incident uncovered by the National Police Agency, whereby a Chinese engineer and Chinese Communist Party (CCP) member residing in Japan orchestrated a large-scale cyber operation on behalf of China’s military, targeting more than 200 Japanese organizations tied to the aerospace and defense sectors, including Japan’s Space Agency (JAXA).
In the international arena, Japan’s Ministry of Foreign Affairs has been a highly active proponent of “cyber diplomacy,” establishing the role of “Ambassador in Charge of Cyber Policy” in 2012 and creating a dedicated “Cyber Security Policy Division” in 2016. The county has also been an active participant of the U.N. Governmental Group of Experts (GGE) on Cybersecurity since 2019. These cyber diplomacy efforts allow Japan to indirectly engage and challenge China in global cybersecurity forums rather than through direct confrontations in cyberspace.
On the regional level, Japan has fostered closer ties with Australia, India, and the United States, collectively known as “the Quad,” as part of its commitment to a “Free and Open Indo-Pacific,” which includes cyberspace. As such, Japan has conducted cybersecurity exchanges with each of the Quad nations and in September 2021 the group pledged to cooperate further in cybersecurity.
Implications for Japan’s Relations With China
At the political level, greater tensions between Japan and China in cyberspace are unlikely to significantly worsen current bilateral relations. Instead, cyber conflict would likely be a byproduct of three major existing geopolitical issues between the two countries if they should escalate. First, China continues to challenge Japan’s claims of sovereignty over certain territories in the East China Sea, through repeated incursions into Japanese maritime space. Second, China’s increasingly aggressive stance toward Taiwan has prompted Japan to declare its commitment to the security of the island. Third, in the event of a Sino-U.S. war, Japan would become a prime target for China’s military as it hosts the largest concentration of U.S. military forces in the Asia-Pacific, including bases across the islands of Okinawa, not far from Taiwan.
In the economic sphere, Japan’s cybersecurity posture may damage its positive trading relationship with China. Existing policies to address concerns over software and hardware supply chain security, foreign investment, and technology transfers have already forced Japanese companies to diversify their manufacturing, suppliers, and investments from China. This led China to reciprocate by increasing its scrutiny of foreign investments and operations.
Despite this attempted decoupling by Japan, China is still a major market for Japanese exports, which is more difficult to substitute for Japanese companies than suppliers. China has also clearly stated its intensions to develop an independent domestic economy while encouraging greater foreign reliance on China in their supply chains under its “Made in China 2025” strategy. So overall, Japan loses more economically from worsening trade ties than China as a result of a more assertive cybersecurity response, which includes policies to restrict commercial exchanges.
Rebalancing Japan’s China Relations Through Cybersecurity
Nevertheless, cybersecurity may present Japan with opportunities to improve and rebalance relations with China and calm geopolitical tensions. For example, Japan may want to further engage with China in its global cybersecurity diplomacy efforts to check China’s ambitions without directly confronting it in cyberspace.
More realistically, in the mid to long term, the only way Japan can really readjust its relations with China through cybersecurity is to enhance its domestic cyber defense capabilities by investing in the development and implementation of critical technologies such as artificial intelligence, quantum cryptography, and post-quantum encryption. Without these technologies, in which China currently has the advantage, Japan will be forced to either revise its constitution to permit counter offensive cyber operations (enabling the SDF to conduct pre-emptive activities in Chinese cyberspace), continue to rely on the U.S. security umbrella and foreign technologies to protect its national cyber infrastructure, or acquiesce to China’s technical and geopolitical superiority.
Based in Tokyo, Japan, Thomas Glucksmann is the CEO of T22 LABS, a defense technology company using artificial intelligence to combat cyber threats. He is also a graduate student of Cyber Policy and Government at Tel Aviv University, Israel, conducting research on national cybersecurity strategies. Thomas obtained his BA in Modern China Studies with Japanese Studies from the University of Hong Kong, China.
Want to read more?
Subscribe for full access.
SubscribeThe Authors
Based in Tokyo, Japan, Thomas Glucksmann is the CEO of T22 LABS, a defense technology company using artificial intelligence to combat cyber threats. He is also a graduate student of Cyber Policy and Government at Tel Aviv University, Israel, conducting research on national cybersecurity strategies. Thomas obtained his BA in Modern China Studies with Japanese Studies from the University of Hong Kong, China.