Japanese Space Agency JAXA hacked in summer cyberattack


The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk.

The security breach was discovered this autumn when law enforcement authorities alerted Japan’s space agency that its systems were compromised, as first reported by The Yomiuri Shimbun.

Confirming the infiltration, Chief Cabinet Secretary of Japan Hirokazu Matsuno revealed in a press conference that the attackers gained access to the agency’s Active Directory (AD) server, a crucial component overseeing JAXA’s network operations.

This server likely contains critical information like employee credentials, significantly increasing the breach’s potential impact.

In response to the incident, JAXA is now working with government cybersecurity experts and law enforcement as part of an ongoing investigation to determine the extent of the security compromise.

Although no data leak linked to the JAXA breach has been confirmed, a JAXA official expressed concerns, stating, “As long as the AD server was hacked, it was very likely that most of the information was visible. This is a very serious situation.”

Targeted by Chinese state hackers in 2016 and 2017

While the cyberattack has yet to be attributed, it aligns with a concerted cyberespionage effort to harvest and steal sensitive information stored on the agency’s servers.

Established in 2003, JAXA is Japan’s national aerospace research and development institution. In 2012, its mandate had been expanded to encompass military space development, including the development of space-based missile early warning systems.

This incident isn’t the agency’s first brush with security breaches as it was also attacked in 2016 and 2017 when nearly 200 Japanese defense-related research institutions and firms were the targets of a widespread cyber assault.

The Japanese Metropolitan Police Department attributed the attacks to a group of Chinese military hackers identified as Tick, also known by aliases BRONZE BUTLER and STALKER PANDA, in April 2021.

In September 2023, US and Japanese law enforcement and cybersecurity agencies warned in a joint advisory that Chinese state-backed BlackTech hackers were backdooring corporate network devices.



Source link