By Sofiya Sayankina

Copyright thediplomat

With attention on tariff negotiations, Japan’s upper house elections, and Prime Minister Ishiba Shigeru’s resignation, Japan’s enactment of Active Cyber Defense (ACD) legislation in May 2025, although an overdue and a welcome move, has remained under the radar. Japan, whose military is restricted to the use of force for self-defense by its own constitution, had long been exposed to cyber threats without adequate means to respond. Cyberattacks in recent years have ranged from espionage and operational disruption to ransomware attacks and cryptocurrency theft. More importantly, such constraints restricted the scope of cooperation with allies on cyber issues and in multidomain operations. Japan has previously been described as minor league player and assigned the lowest tier in cyber defense. ACD now provides Japan with a much-needed defense mechanism against active cyber threats. China, North Korea, and Russia – all notorious for their state-sponsored cyber operations – have been increasingly targeting the Indo-Pacific, exacerbating the region’s already complicated security environment. Tokyo had been discussing ACD since it was first proposed in the National Defense Strategy in 2022. Among others, key changes under ACD authorize remote access to and neutralization of attacker’s infrastructure. They also require critical sector organizations to report cyber incidents and organizational restructuring. Another change allows data collection of foreign sources. This aspect significantly broadens possibilities of data sharing between like-minded countries and further increases the potential for deterrence cooperation with the United States and other allies. Both the U.S. and Japan intend “to expand bilateral security cooperation in cyberspace by leveraging new technologies such as artificial intelligence and secure and resilient cloud services to deepen information-sharing” as reflected in the Joint Leaders’ Statement issued earlier this year. Japanese Defense Minister Nakatani Gen and U.S. Defense Secretary Pete Hegseth agreed to boost cybersecurity cooperation during the Asia Security Summit following the enactment of ACD in May. Additionally, the scope of the 10th U.S.-Japan Cyber Dialogue has been expanded to include discussions of “countering malicious cyber activities,” highlighting a change in the scope of cooperation compared to the previous meetings. With the increased importance placed on public-private partnerships (PPPs) in cyberspace and, by extension, in Japan’s new ACD framework, the 10th Cyber Dialogue marked the first time that industry representatives were invited to attend the event. As Japan still lacks expert cybersecurity personnel and wide implementation of secure digital services, establishing transparent and proactive incident information sharing supported by careful regulation and best practices is vital for successful public-private cooperation both within Japan and with U.S. partners. ACD is also crucial for the new Multi-Domain Task Force (MDTF) headquarters in Japan. For multidomain operations, cyber is not only one of the domains of operations, but also an increasingly important functional tool used in other domains. Making MDTF Japan fully operational and further linking it to the potential Multi-Domain Effects Battalion (MDEB) in South Korea requires wider intelligence and information sharing framework which ACD now provides. While ACD also removes structural barriers to cooperation, at the same time it is supposed to gradually reduce Japan’s overreliance on U.S. cyberdefense systems – especially important in light of cuts to CISA personnel and budgets. Additionally, as the Donald Trump administration prepares its 2025 National Defense Strategy, its focus is expected to be not only on strengthening cyber capabilities amid intensifying geopolitical competition and digital threats but also on increasing burden-sharing with allies and partners around the world. As its core security ally and strategic partner, fostering cooperation with the U.S. has always been of the highest priority for Japan. Even though the two countries’ views on the role of the military in cyber have been at the opposite ends of the spectrum – with the U.S. embracing its “digital cult of the offensive” – ACD emphasizes cyber resilience and awareness and provides Japan with an opportunity for joint response in case of a successful cyberattack. Likewise, the previous 2+2 Ministerial Meeting in 2019 also reaffirmed that “a cyberattack could, in certain circumstances, constitute an armed attack for the purposes of Article 5 of the Japan-U.S. Security Treaty.” ACD has opened more opportunities for cyber cooperation with other countries as well. Another welcome change is the potential to actively utilize the cyber component in multidomain exercises such as trilateral Freedom Edge (which also includes South Korea) and formalize cyber cooperation with allies in the Indo-Pacific. At their latest 2+2 meeting in early September 2025, Japan and Australia agreed to deepen cybersecurity collaboration, while Japan’s defense-focused partnership with the U.K. under the Hiroshima Accord is also looking to further expansion through shared threat intelligence frameworks, joint capacity-building programs and joint responses to state-sponsored cyberattacks. To counter China’s move from industrial cyber espionage toward more strategic use of cyberattacks and North Korea’s cryptocurrency theft, which is used at least in part to sustain its missile and nuclear programs, the new law allows preemptive measures against the attackers and a more organized response to cyber incidents. Russia has also reportedly accelerated its disinformation activity targeting Japan as a part of its global influence operations. These operations require a streamlined response from domestic stakeholders and international allies. As restrictions on data collection of foreign sources have been lifted, Japan has also been able to expand cyber cooperation with NATO. The two sides started intelligence sharing on China, Russia and North Korea’s cyberattacks to improve joint cyber defenses. Combining NATO’s expertise on cyber issues and Japan’s familiarity with Indo-Pacific affairs has the potential to contribute to better understanding of the patterns and motives of the adversaries and support preemptive measures to a variety of cyberattacks that, as a part of hybrid warfare, often involve both physical infrastructure and influence operations. As previously suggested, the U.S. and Japan might also jointly contribute to development of digital infrastructure in third countries via official development assistance (ODA) packages, thus supporting overall cybersecurity and reducing reliance on China’s infrastructure development projects in the Indo-Pacific region. Fostering collaboration with Australia on cybersecurity through enhancing digital infrastructure and cybersecurity of Pacific nations is another way for Japan to protect its national segment of cyberspace from hybrid threats. However, the constraints to Japan’s cybersecurity are unlikely to be immediately resolved, even with the enactment of ACD and efforts to boost cyber cooperation with the U.S. and other allies. A few challenges remain. For almost two decades, Japan could not take the same direction in its national cybersecurity development as other states due to legal constraints, public opinion on the application of Article 9, and regional concerns of its remilitarization. The country’s overall cyber capabilities, its understaffed cyber forces, funding limitations, and lack of experience for the time being will undoubtedly limit the scope of its cyber defenses, integration of private sector services, and the scale of cooperation with the U.S. and like-minded countries. Such challenges are not unique to Japan, as some Western democracies were also slow in adapting their national security priorities to the era of cyberwarfare. However, Japan had been less exposed to influence operations due the language barriers and difficulties in navigating Japan’s digital space. It had to gradually build an understanding that it is “no longer possible to separate research for military from research unrelated to the military” in technological applications and digital services. Thus, the country is yet to establish its cyber-military foundation, and – more importantly – it still lacks a robust cyber intelligence system, including signals intelligence (SIGINT). In cyberspace, where the role of main security actor is played by intelligence agencies rather than military forces, Japan has to gain expertise along with formalizing an operational framework that is not only necessary for cyber defense and deterrence but also crucial in case of a military conflict in the Indo-Pacific. This should be the new government’s next priority.