Washington and Tokyo have vowed to intensify their cooperation on cybersecurity, while signaling that the United States could come to the aid of Japan if it faced a serious computer-based attack.
Malicious cyber activity poses an increasing threat to the security and prosperity of both the United States and Japan, according to a joint statement issued after a “two-plus-two” meeting in Washington, DC, on April 19. The Security Consultative Committee meeting brought Mike Pompeo, the U.S. secretary of state, and Patrick Shanahan, the acting U.S. defense secretary, together with their Japanese counterparts, Foreign Minister Taro Kono and Defense Minister Takeshi Iwaya.
The ministers expressed concern about “rapidly evolving technological advancement in new domains, including space, cyberspace, and the electromagnetic spectrum.” They held that these challenges should be addressed jointly “to ensure the Alliance’s superiority in a contingency and to safeguard our institutions and rules-based order during peacetime.”Enjoying this article? Click here to subscribe for full access. Just $5 a month.
Both sides agreed to enhance cooperation on cyberspace issues, including deterrence and response capabilities, according to the joint statement, “but as a matter of priority, emphasized that each nation is responsible for developing the relevant capabilities to protect their national networks and critical infrastructure.”
The meeting considered how the existing provisions of the security treaty between the United States and Japan could be applied to emerging threats. Article Five of their Treaty of Mutual Cooperation and Security, signed in 1960, said that Japan and the United States each recognized “that an armed attack against either Party in the territories under the administration of Japan would be dangerous to its own peace and safety.” In the same article of that treaty, each side declared “that it would act to meet the common danger in accordance with its constitutional provisions and processes.”
During the April 19 meeting, the ministers “affirmed that international law applies in cyberspace and that a cyber attack could, in certain circumstances, constitute an armed attack for the purposes of Article V of the U.S.-Japan Security Treaty.” A decision as to whether a particular cyberattack rose to that level of seriousness would be made on a case-by-case basis.
Iwaya, the Japanese defense minister, told reporters that the agreement on Article Five coverage was “significant from the perspective of deterrence.”
The focus on cybersecurity reflects growing concerns among policymakers about the potentially devastating impact of attacks on critical infrastructure or communication networks, at a time when businesses, utilities, government entities, and the general public are increasingly reliant on digital technology.
Japan’s latest annual defense white paper said state-sponsored cyberattacks had been on the rise in recent years and were becoming more sophisticated. The white paper, published last August, said cyberattacks on telecommunication networks of government and military forces, or on critical infrastructure, “could have a serious effect on the security of states.”
As a result, the issue was a key focus in Japan’s revised National Defense Program Guidelines, published last December. The Guidelines indicated that Japan’s Self-Defense Forces (SDF) would maintain a cyberspace defense unit “in order to conduct persistent monitoring of SDF’s information and communications networks as well as to fundamentally strengthen cyber defense capability, including capability to disrupt, during [an] attack against Japan, [an] opponent’s use of cyberspace for the attack.”
The most recent Worldwide Threat Assessment of the U.S. Intelligence Community concluded that adversaries and strategic competitors would increasingly use cyber capabilities – including cyber espionage, attack, and influence – to seek political, economic, and military advantage over the United States and its allies and partners. The assessment, published in January, continued: “China, Russia, Iran, and North Korea increasingly use cyber operations to threaten both minds and machines in an expanding number of ways – to steal information, to influence our citizens, or to disrupt critical infrastructure.”
At a joint media conference after the two-plus-two meeting, Shanahan elaborated on the challenge in the following terms:
And while cyber, like space, carries enormous potential, it also is a vulnerability. These domains are absolutely critical for securing our future, and we are not sitting back while our Chinese and Russian counterparts or competitors aim to disrupt and weaponize them. These domains offer real opportunities for alliance collaboration. We are aligned in our view on this, and we are working together to adapt, integrate, and deploy capabilities faster.
Some experts warned of the difficulty in quickly attributing blame for cyberattacks. Takahisa Kawaguchi, a senior researcher at Tokio Marine & Nichido Risk Consulting Co., told the Asahi Shimbun: “In order for Japan and the United States to respond to an attack jointly, there will be a need to identify the attacker, but because it would be difficult to make an immediate identification, a political decision would likely be required in the end.”
While cybersecurity was one of the key areas of attention in the two-plus-two meeting, the ministers canvassed a range of other issues affecting the bilateral security relationship. They pledged to work together bilaterally and multilaterally to pursue their shared vision of a “free and open Indo-Pacific” and expressed strong opposition to “unilateral coercive attempts to alter the status quo” in the South China Sea and East China Sea.
The meeting also touched on the politically contentious issue of U.S. military bases in Okinawa, Japan’s southernmost prefecture. The ministers reconfirmed their support for the long-standing plan to relocate the U.S. Marine Corps Air Station Futenma to the coastal area of Henoko, even after 72 percent of Okinawan voters opposed the work associated with the project in a non-binding referendum held on February 24. The ministers, according to the statement, “underscored their strong determination to achieve its completion as soon as possible.”