A Chinese engineer who is a member of the Chinese Communist Party was referred to prosecutors by Tokyo police Tuesday over his alleged involvement in cyberattacks on about 200 companies and research institutes, including the Japan Aerospace Exploration Agency, in 2016 and 2017.
The series of hacks are believed to have been conducted by "Tick," a Chinese cyberespionage group, under the direction of China's People's Liberation Army, according to investigative sources.
Japan's top government spokesman, Chief Cabinet Secretary Katsunobu Kato, admitted an investigation is under way and said the targeted entities including firms have been warned, but he added the government has not received any reports from the police regarding damage such as information leaks.
"We will be sharing among government bodies the intent, methods, and background of the attackers (determined) through the investigation," Kato said at a regular news conference.
The suspect, a systems engineer in his 30s at a Chinese state-run information and technology firm, is suspected of having used a fake ID to rent a server on five occasions between September 2016 and April 2017. He was in Japan at the time.
The server was used to mount cyberattacks.
Tick later purchased his fake ID online to access the server.
Japan's space agency, known as JAXA, said it had confirmed illegal access in 2016 but there was no data leak or alteration.
While investigating the cyberattacks, the Tokyo Metropolitan Police Department identified the Chinese Communist Party member and a former Chinese male student as having signed contracts to rent servers.
The student, who has left Japan, also allegedly used a fake ID that was later bought by Tick.
When the two were questioned before leaving Japan, investigators also found that the former student was receiving orders from a cyberattack unit within the PLA, according to the sources.
Unit 61419, located in the eastern Chinese city of Qingdao, Shandong Province, is responsible for cyberattacks on Japan and South Korea, the sources said.