Japanese authorities have recently confirmed that a cyber campaign targeting government and infrastructure targets in Japan between 2019 and 2024 has been linked to the notorious hacking group known as MirrorFace. This revelation comes after a string of over 200 cyberattacks in the last five years were identified and attributed to the group.
The attacks, which aimed to steal Japanese national security and advanced technology data, targeted key infrastructure in the country, including the Japanese Foreign and Defense ministries, the space agency, and individuals such as politicians, journalists, and private companies. The National Police Agency (NPA) conducted an analysis of the targets, methods, and infrastructure, which led to the linking of hundreds of attacks to MirrorFace.
MirrorFace, also known as Earth Kasha, is known for targeting businesses and individuals. However, recent sightings of the group engaging in a spear phishing campaign targeting researchers and government workers have raised concerns. The campaign involved sending emails with malware-laden attachments to individuals and organizations, with the aim of accessing data stored on their computers between December 2019 and July 2023. The use of stolen identities from Outlook and Gmail addresses added a layer of sophistication to the attacks.
The vulnerability of Japan’s cybersecurity infrastructure has become a growing concern, especially in light of recent cyberattacks targeting the country. Pro-Russian hackers launched DDoS attacks against Japan in response to the country’s military alliance with the United States, highlighting the risks of politically motivated cyberattacks. This, combined with the ongoing threat posed by groups like MirrorFace, underscores the need for robust cybersecurity measures in Japan.
In addition to government entities, Japanese companies such as Casio, NTT Docomo, and Japan Airlines have also fallen victim to cyberattacks in recent months. The targeting of state-owned infrastructure raises further alarm about the potential impact of such attacks on critical services and systems in the country.
Experts have repeatedly emphasized the need for enhanced cybersecurity measures in Japan to combat the growing threat of cyberattacks. As the country continues to develop its military capabilities and cyberdefenses, addressing vulnerabilities in infrastructure and implementing proactive security measures will be crucial in safeguarding against future attacks.
Overall, the cyber campaign linked to MirrorFace highlights the evolving nature of cyber threats faced by Japan and underscores the importance of vigilance and preparedness in defending against sophisticated and persistent cyber adversaries. As technology advances and threats become more intricate, staying ahead of cyber threats will be essential in protecting the country’s critical infrastructure and national security.