Close Menu
Cybercrime and Ransomware

Japan’s Ground Self-Defense Force Faces Malware Threat via Infected USB Drives

Staff WriterBy No Comments4 Mins Read1 Views

Summary Points

  1. Japan’s Ground Self-Defense Force unknowingly used counterfeit, malware-infected USB drives during relief efforts, exposing classified military networks for nearly a year without detection.
  2. The malware, linked to China-backed hacking groups, was designed to evade standard security scans, leading to over 50 computers, including those handling sensitive info, becoming compromised.
  3. The military concealed the incident, failing to disclose the breach despite its severity and the wider distribution of similar infected drives across Japan’s factories and research institutions.
  4. Experts advise strictly sourcing trusted storage devices, scanning all removable media in isolated systems, and enforcing rigorous procurement protocols to prevent future nation-state cyber threats.

What’s the Problem?

In Japan, a significant cybersecurity incident involving the Ground Self-Defense Force (JGSDF) was uncovered. Over nearly a year, the military unknowingly used counterfeit USB drives infected with malware, which had been distributed during relief efforts after a major earthquake in March 2024. These fake drives, manufactured in China and sold at low prices, contained malware that automatically activated and compromised over 50 systems, including those handling classified information. The infection was only detected in February 2025, when a soldier noticed his computer was sluggish, revealing the hidden virus. However, despite the severity, the JGSDF chose to keep the incident internal, sparking criticism and raising concerns about wider security vulnerabilities. Investigations by Nikkei uncovered that the malware was linked to a China-backed hacking group, and that the security protocols were poorly followed, allowing the threat to persist undetected for so long. Meanwhile, this breach highlighted a broader threat, as similar infected drives were found reaching factories and research institutions across Japan, emphasizing the importance of stringent supply chain oversight and device validation to prevent such breaches in the future.

Security Implications

The issue of Japan’s Ground Self-Defense Force using infected USB drives linked to China highlights a serious security risk that any business can face. If your company relies on USB drives for data transfer, cyber malware can easily infect your systems, causing data breaches or operational disruptions. In turn, this can lead to financial loss, reputational damage, and legal liabilities. Moreover, once malware infiltrates your network, it can spread rapidly, compromising sensitive customer or company information. Consequently, without proper cybersecurity measures and device checks, your business becomes vulnerable to similar attacks. This situation makes it clear that, regardless of size or industry, safeguarding digital assets must be a top priority to prevent similar disasters from happening to you.

Possible Next Steps

In cybersecurity, swift and decisive action is essential to contain threats and prevent extensive damage. When hardware like USB drives used by critical military units becomes compromised with malicious malware, delays in remediation can lead to severe national security risks and operational disruptions, emphasizing the critical need for prompt response.

Containment Measures
Immediately isolate infected devices to prevent malware spread.
Disable USB ports on unaffected systems to reduce infection risk.

Identification and Assessment
Conduct thorough scans to confirm malware presence.
Map out the scope of infection across all affected systems.

Eradication Procedures
Remove infected USB drives from the network.
Use antivirus and malware removal tools to clean affected systems.

Recovery Actions
Restore affected systems from secure backups.
Verify system integrity before bringing devices back online.

Preventive Strategies
Implement strict access controls for portable media.
Mandate use of approved, encrypted USB drives.
Enhance staff training on cybersecurity best practices.

Monitoring & Testing
Continuously monitor systems for anomalies.
Regularly test and update malware defenses and detection tools.

Advance Your Cyber Knowledge

Stay informed on the latest Threat Intelligence and Cyberattacks.

Understand foundational security frameworks via NIST CSF on Wikipedia.

Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.

Cyberattacks-V1

Share.
Avatar photo

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Related Posts

Comments are closed.