print PRINT

SECURITY > Cybersecurity

Japan-U.S. joint exercise designed to respond to cyberwar against China

By Taketsugu Sato, Takateru Doi, Kenji Minemura and Tatsuya Sudo, editorial board members


“The U.S. and Japan confirmed that a cyberattack could be regarded as an ‘armed attack’ under certain circumstances to which Article 5 of the U.S.-Japan Security Treaty applies,” said U.S. Secretary of State Mike Pompeo during the press conference after a foreign and defense ministerial meeting between the two countries (so-called 2 Plus 2), which was held in Washington in April of last year.


If a cyberattack causes damage to Japan’s critical infrastructure or casualties, it would be regarded an armed attack on Japan, and under the treaty, the U.S. military would counterattack based on the treaty. Mr. Pompeo’s remarks suggesting such a scenario were spelled out in a joint document.


Cooperation between the SDF and the U.S. military is also advancing. In September last year, the U.S. Army’s “Cyber Blitz” exercise was combined with the Japan-U.S. joint exercise “Orient Shield,” most of which was conducted in Kyushu, Japan. For the first time the SDF participated in the U.S. Army’s “multidimensional combat” exercise, which combines ground combat and cyber war. A Defense Ministry official said, “We confirmed how the U.S. and Japan would move their troops while protecting their own systems.”


However, the SDF has just started acquiring cyberwarfare capabilities, lagging behind the U.S. military.


Two years ago, the U.S. military spun off its Cyber Command, a subordinate branch of the U.S. Strategic Command, and elevated it to a unified combatant command equivalent to the Indo-Pacific Command and the Strategic Command, etc. The Cyber Command is composed of 133 units with over 6,200 uniformed and civilian personnel. The command not only defends networks of the U.S. military but also has “Combat Mission Teams” that support conventional combat in cyberwarfare. On the other hand, the SDF established the “Cyber Defense Group” in 2014, but it currently has about 220 members.Its size and capabilities are far short of  U.S. military’s.


Nevertheless, the two countries are seeking full-scale cooperation in cyberspace because of China.


China regards the U.S. military as having an overwhelming advantage in conventional combat capabilities, so the PRC is eager to compete in the domains of cyber and space. “China will strike the U.S. military’s networks and satellites, the Achilles’ heel of U.S. forces, as these rely on advanced technology,” said a researcher at a Chinese military-affiliated think tank.


Last summer, the PRC’s strategic support unit participated in one of its largest exercises simulating a contingency involving Taiwan. The unit conducted mock drills for destroying Taiwan’s critical infrastructure such as power plants by cyberattack.


Under the call for “promoting the integration of military and civilian forces” (by Chinese leader Xi Jinping), the unit worked with a “cyber militia” comprising telecom companies’ employees and private hackers. “The cyber militia has hundreds of thousands of members,” said one of them. 


Japan has legal issues and there are no international rules


There are many legal challenges to improving Japan’s cyber capabilities and enhancing Japan-U.S. cooperation in this domain. This is because, compared with ground, sea and air, cyberspace has unique characteristics.


When an attack occurs in a conventional war, it is easy to identify the enemy country by reconnaissance satellites or radar. But this is not the case in cyberspace. It is unclear what kind of cyberattack falls under an “armed attack.” There are no UN or multilateral international treaties governing cyber warfare.


The U.S., Russia, China, and other countries use viruses in cyberspace to conduct espionage activities. These countries are routinely working to identify the types and sources of viruses sent by other countries in preparation for large-scale cyberattacks.


The SDF’s capabilities are, however, limited. The Japanese government’s stance on cyberspace is that “Japan maintains a strictly defensive policy in cyberspace as well and its adherence to relevant domestic and international laws remains unchanged,” in the words of Defense Minister Taro Kono.


Even if Japan tries to apply the law that prohibits the crime of inputting an unauthorized command into an electromagnetic record, the “crime of unauthorized creation of virus,” to prevent culprits from creating viruses and tries to determine the source of a cyberattack, it may conflict with and infringe on the “protection of the secrecy of any means of communication” guaranteed under Article 21 of the Constitution. An official associated with public security complains, “Even if we can identify the servers of hackers, there is not much we can do.”


Even in peacetime, however, the U.S. takes the position that “there is no international agreement that customary international law prohibits the launch of cyberattacks against other countries that do not amount to interference in internal affairs or the use of force,” according to General Counsel Paul Ney of the Department of Defense.


On the contrary, Japan’s new National Defense Program Outline Policy specifies that Japan will “have the capability to prevent enemies from using cyberspace,” but it will only be used in the event of an “emergency.”


Masahiro Kurosaki, associate professor of international law at the National Defense Academy of Japan, said, “The U.S. military takes a transboundary cyber action from the preliminary stage of an ‘armed attack’ by an enemy, but it is difficult for the SDF to take the same action unless an attack is recognized as an ‘armed attack.’” In this way, the professor points out that a Japan-U.S. joint response in cyberspace would not be easy.


If the U.S. Forces Japan or the U.S. Indo-Pacific Command suffers major damage from a cyberattack, will Japan recognize it as a “situation threatening Japan’s survival” and invoke the right to collective self-defense? “There remain many issues concerning the SDF’s capability and the law,” said a senior official of the Defense Ministry. “The U.S. would expect Japan to do a lot, which would expose issues Japan must address. How to involve itself in international rule-making on cyberspace is also a challenge for Japan.


No difference between peacetime and contingency


Professor Motohiro Tsuchiya, a dean of Faculty of Policy Management and professor of the Graduate School of Media and Governance at Keio University, offers this comment:


In regards to cyberattacks, there is no difference between “peacetime” and “emergency.” Cyberattacks do not begin with a declaration of war. We have no way to know who launched  a cyberattack or where it came from. We may not even be able to determine whether a state or a group of individuals launched the attack. There are cases where victims of cyberattack have been unaware for hundreds of days that they were attacked. Most of what we generally call cyberattacks are cybercrimes. It is highly possible that hackers find vulnerabilities in opponents’ systems and implant a virus or malware. The virus and malware would be activated in the event of a conflict and disable opponents’ radars and destroy their infrastructure.


If Japan, like other countries, sneaks a virus into an opponent’s system even before a crisis occurs, that might run counter to its domestic law, so its peacetime activities are limited. It is, however, a half-step forward for Japan to become able to assay even in peacetime the efficacy of its attacks and defenses within the confines of a cyber exercise that is blocked off from external networks. It is necessary to thoroughly examine and discuss in peacetime the legal framework concerning cyberspace in a cool-headed manner.

  • Ambassador
  • Ukraine
  • COVID-19
  • Trending Japan