Japanese cybersecurity authorities raised an alarm Wednesday over a China-linked hacker group called MirrorFace, saying it has struck 210 targets in Japan since 2019.

Analyses of the targets and methods and malware used by the hackers suggested that the attacks were an organized activity with a suspected link to the Chinese government to steal information on national security and cutting-edge technologies from Japan, the National Police Agency and the National Center of Incident Readiness and Strategy for Cybersecurity said.

According to the authorities, MirrorFace sent emails attached with malware to 173 targets including the Foreign and Defense Ministries, think tanks and politicians between December 2019 and July 2023, as well as since June last year.

In many cases, senders pretended to be experts or former senior officials from the recipients' organizations. Many emails had titles referring to contemporary international affairs, including phrases such as "Japan-U.S. alliance" and "Taiwan Strait," or saying they were invitations to conferences or membership lists.

MirrorFace was also confirmed to have infiltrated the networks of 37 entities mainly in the semiconductor and information-communications sectors between February and October 2023. The Japan Aerospace Exploration Agency, or JAXA, was also among the victims, people familiar with the matter said.

Internal information may have been exposed in these attacks, which took advantage of vulnerabilities in virtual private network equipment, experts said.