Skip to main content

Japan’s Cybersecurity Strategy: Deterring China with Selective Engagements

May 22, 2017

Japan’s recent efforts in cyberspace reflects its ambition to have a more proactive military posture and expand the scope of the US-Japan alliance. Under the current Abe administration, Japanese policy-makers have significantly enhanced Japan’s cyber-defense capabilities due to the growing cybersecurity tensions between the United States’s relationships with China, Russia, and North Korea.

Given Japan’s position as a central US diplomatic, economic, and military ally, Japan’s actions are increasingly critical to the strategic balance in the region. Moreover, Japan’s growing capabilities to cyber challenges has strengthened U.S.-Japan alliance responses to security challenges and cyber threats from China along with other actors.[1]

Against this backdrop, Japanese policy-makers are pursuing multilateral cyber cooperation with everyone while avoiding a direct cyber dialogue with China. Due to numerous incidents of cyber-conflict and lingering distrust, China-Japan relations in cyberspace are leading to heightened geopolitical tensions and spillovers into existing contentious areas. Japan’s recent move to fundamentally restructuring cybersecurity through national institutions implies a broader trends of assertiveness in its overall security trajectory. These ambitions underline Japan’s development as a key player across all realms of security issues in the Asia-Pacific.

Japan-China Relations

Japan-China relations continue to be constrained due to lingering misconceptions, historical animosity, and territorial disputes, which weaken existing cooperation and deter potential collaboration in cybersecurity and other domains. One of the main issues hindering the bilateral relationship is Japan’s unwillingness to confront their history of aggression in World War II. This controversy arises whenever Japanese leaders go to the Yasukuni Shrine to commemorate to modern Japan’s war dead.[2] Currently, the Yasukuni includes 1,054 Class-B and Class-C war criminals, and 14 Class-A war criminals. Leaders’ visits anger Japan’s neighbors — where many of the war crimes took place. Among the heated disputed issues are the so-called “Comfort Women,” who were kidnapped and used as sex slaves by the Japanese military; horrific incidents like the Rape of Nanking; and the Diaoyu/Senkaku Island territorial disputes between China and Japan.[3]

Because the majority of the Japanese public learns very little about Japan’s aggressions in World War II, the Japanese public tends to be fed up with China’s repeated demand for an apology.[4] A recent Japan-China joint opinion poll report found that the views on Japan-China relations among Japanese and Chinese have worsened. Some 71.9% of the Japanese surveyed said the current relationship between the two countries is bad, while 78.2% of the Chinese surveyed expressed similar sentiments.[5]

On the cyber frontier, Japan has begun to securitize and militarize its cybersecurity strategy in response to a series of incidents that revealed Japan’s cybersecurity vulnerabilities. Since 2009, Japan has experienced an increased volume of advanced persistent threats (APTs) attacking its critical infrastructure – all attacks in which China is likely the main offender.[6] As a result of rising concerns over China’s growing cyber capabilities, Japan moved responsibility for cybersecurity to military institutions, namely the Japan Ministry of Defense (JMOD) and Japan Self-Defense Forces (JSDF).

Under the current Abe administration, cybersecurity has become the core of Japan’s national security policy.[7] Thus, Japan aims to create more centralized institutions for cyberspace in order to build comprehensive cyber defense capabilities in preparation for the Tokyo Olympics 2020 and for the overall Asia-Pacific security.

Deterring China: Future Sino-Japanese Cybersecurity Cooperation Face Challenges

In conjunction with the development of a national security strategy, Japanese policy-makers have also stressed the importance of international cooperation in cyberspace. Japan has made an effort to play a leading role in strengthening international norms and increasing cyber awareness. In 2006, Japanese policymakers first raised the necessity of a global cybersecurity cooperation with the publication, First National Strategy on Information Security.[8] However, Japan did not officially acknowledge cyberattacks as a national security threat until 2013 under its Cyber Security Strategy. Under this strategy, Japan defined cyberspace as a global commons in need of protection.[9] Along these lines, Japan has held bilateral and multilateral cybersecurity conferences with major cybersecurity players.

Since the late 2000s, Japan has actively engaged in global cooperation on cybersecurity with the US, the UK, India, the EU, ASEAN, and even Russia. Initial cyber cooperation with the US started in the early 2000s that lead to the Memorandum of Understanding Concerning Cooperation Regarding Information Assurance and Computer Network Defense in 2006.[10] The United States and Japan have built a bilateral framework to promote various efforts in the area of policy consultation, cyber incident response and information sharing. To promote cooperation with European countries, Japan held the bilateral Japan-UK cyber dialogue in 2012 and the Japan-EU Internet Security Forum in 2013. Moreover, collaboration efforts with India were also pursued under the 2+2 dialogue that covered foreign policy issues and security.[11]

Within the Asia-Pacific region, Japan’s ties with ASEAN are important due to the increased investment by Japanese enterprises to ASEAN states.[12] On 2013, Japan and ASEAN made an agreement for raising awareness as a specific cooperation issue. An annual cybersecurity conference with ASEAN has also occurred since 2009. And, an ASEAN-Japan cybercrime dialogue was also implemented in 2014.[13]

Recently, Japan has been actively pushing cooperation with Russia economically in areas such as oil and gas development and the modernization of ports and airports in the Russian Far East.[14] In 2013, initial dialogues on maritime and cyber defense cooperation were halted due to the northern territorial disputes. However, the Abe administration seems determined to normalize relations with Russia, which sets a stark contrast to the minimal effort focused on improving Sino-Japanese relations. The intentions behind Japan’s expansion in defense perimeters in cyberspace will likely to be perceived by China as a threat.

Japan’s Expanding Global Strategy for Cybersecurity   

According to the annual reports published by Japan’s National Institute for Defense Studies on China’s security, Japan perceives China’s military rise and cyber capabilities as a threat. In 2014, the number of cyberattacks in Japan passed the 25 billion mark, with 40% traceable back to China.[15] Notable incidents of cyberwarfare between China-Japan were data breaches in the defense industry and of Diet member email accounts in 2011[16], in which around 500 staff emails and passwords were compromised; cyberattacks on Japan’s defense industry at the same year[17]; and attacks against Japan’s government agencies in 2012 over the disputed Diaoyu/Senkaku Islands.[18]

Despite moments where Japanese hackers also targeted Chinese websites, Japanese offensive action has been minimal. These incidents paint a picture where China’s cyber capabilities are more offensive whereas Japan’s capabilities are more defensive. The reason for Japan’s lack of preemptive cyberattacks is due to its constitution, which prohibits war other than for self-defense.[19] However, the current Abe administration is persistently pushing for a revision of the Japanese constitution by 2020.[20]

Japan is expanding the defense perimeter in cyberspace to relative state players while avoiding a direct cyber dialogue with China. These actions are not only likely to provide an arena of further direct tension with China, but could also prove a set path for open and broader conflict. The mutual distrust can be seen in the relative absence of a bilateral cybersecurity dialogue between China and Japan — only a trilateral cybersecurity dialogue between China, Japan, and South Korea exist.[21] Due to various contentious issues, lack of trust, and different perspectives on cybersecurity, Sino-Japanese cooperation in cyberspace or in any other strategic domain will continue to face major challenges. Therefore, Japan and China will need to be mindful of the risks of rapid escalation and conflict in cyberspace if they are not to destabilize bilateral ties and the wider Asia-Pacific region security outlook.


Japan’s turn to a more proactive defense position is seen in its resolve to become a major “cyber power.” The reinterpretation of Article 9 in the Japanese Constitution to “collective self-defense” is reflective of the broader trends of change and new assertiveness in its national security trajectory. Given Japan’s growing testy relations with China over maritime and historical disputes, Japan’s cyberspace diplomacy through selective engagements will undoubtedly form an added source of contention. Thus, potential China-Japan cooperation in cyberspace that could possibly lead to a lessening of overall tensions is challenging and unlikely. Moreover, Japan’s recent economic and cyber engagement with Russia seems to undermine the need of improving Sino-Japanese relations. Japan’s evolving role as a “cyber power” will enhance the defense capabilities of the US-Japan alliance, but will potentially increase tensions with China in this emerging strategic frontier.


[1] “Cybersecurity Strategy Advice for the Trump Administration: US-Japan Relations,” The Henry M. Jackson School of International Studies, February 12, 2017.

[2] Reiji Yoshida and Mizuho Aoki, “Abe Visits Yasukuni, Angering Beijing and Seoul,” The Japan Times Online, December 26, 2013.

[3] Kallie Szczepanski, “What Is So Controverial about Japan’s Yasukuni Shrine?,” ThoughtCo, accessed May 6, 2017.

[4] Mariko Oi, “What Japanese History Lessons Leave out,” BBC News, March 14, 2013, sec. Magazine.

[5] “Polls Show Sino-Japan Public Sentiment Worsens; Direct Interaction Key to Improvement,”, accessed May 6, 2017.

[6] Kallender, Paul, and Christopher W. Hughes, “Japan’s Emerging Trajectory as a ‘Cyber Power’: From Securitization to Militarization of Cyberspace,” Journal of Strategic Studies 40, no. 1–2 (January 2, 2017): 118–45, doi:10.1080/01402390.2016.1233493.

[7] Ibid.

[8] “The First National Strategy on Information Security – ‘Toward the Realization of a Trustworthy Society’” (Information Security Policy Council, February 2, 2006).

[9] Kyoungsik Min and Seung-Woan Chai, “An Analytic Study of Cyber Security Strategies of Japan,” International Journal of Security and Its Applications, 10 (2016): 37–46.

[10] “防衛省・自衛隊:日本国防衛庁と米国国防省の情報保証とコンピュータ・ネットワーク防御における協力に関する了解覚書(MOU)の締結について,” accessed April 22, 2017.

[11] “Japan & India Strengthen Cyber-Security Cooperation,” Infosecurity Magazine, October 22, 2012.

[12] “Japan Shifts Investment From China to Southeast Asia,”, May 30, 2016.

[13] “[Press Releases] The Inaugural ASEAN-Japan Cybercrime Dialogue,” Ministry of Foreign Affairs of Japan, accessed April 22, 2017.

[14] Sputnik, “Russia, Japan Could Sign Deals on Over Dozen Joint Projects During Abe’s Visit,” accessed April 22, 2017.

[15] Arthur Herman, “Japan’s Cyberthreats — Lessons from the US – by Arthur Herman,” accessed April 22, 2017.

[16] “Chinese Hack Attack Suspected at Japanese Diet | International,” Before It’s News | Alternative News | UFO | Beyond Science | True News| Prophecy News | People Powered News, accessed May 7, 2017.

[17] “Japan’s Defense Industry Hit by Its First Cyber Attack,” 2011.

[18] Bill Gertz, “Cyber Blitz,” Washington Free Beacon, accessed May 7, 2017.

[19] “Insights Into Japan’s Cybersecurity and Other Global Views,” Private WiFi, March 26, 2013.

[20] Motoko Rich, “Shinzo Abe Announces Plan to Revise Japan’s Pacifist Constitution,” The New York Times, May 3, 2017.

[21] “First Cyber Dialogue between Japan, PRC, and ROK,” SSRC SHIELD Security Research Center, accessed April 22, 2017.