Japan military used infected USB drives linked to China-based hacking in nearly year-long breach

Japan’s Ground Self-Defense Force used counterfeit USB flash drives infected with malware on computers tied to sensitive military networks for nearly a year, after the devices entered service during earthquake relief work in March 2024. Leaked internal documents and a Nikkei Asia investigation said six of eight tested drives contained the same code and that more than 50 computers were exposed.

KEY FACTS

  • Delivery: The USB drives reached the JGSDF in March 2024 during disaster relief work.
  • Discovery: The malware was found in February 2025 after a computer at the Middle Army headquarters slowed down.
  • Exposure: Nearly half of the affected systems handled classified information, including troop movement data.
  • Scope: The same malware has also been seen on drives sold online and on systems at factories and research sites.

The report said the drives bypassed standard procurement channels when they were brought in during emergency operations after an earthquake in central Japan. Investigators matched the code to a strain previously tied to a Chinese hacking group by an unnamed US cybersecurity firm.

Japan’s Defense Ministry said the malware was a legacy type that self-replicated but did not exfiltrate information or contact outside systems. The ministry is still examining how the drives were acquired and says it plans to enforce mandatory virus-scanning safeguards.

A separate account cited a local government spokesperson as saying officials could not confirm any record of buying or paying for the drives. The origin of the counterfeit devices remains unclear, and the same type has been sold on major online retail platforms at prices 30 to 50 percent below authentic brands.

WHY IT MATTERS

The case shows how preloaded removable media can reach sensitive networks when emergency procedures bypass normal checks. It also underscores the need to verify vendors and scan removable devices before they are connected to corporate or military systems.