Japan’s space agency hit by cyberattack

Siva Ramakrishnan
The unknown hackers reportedly targeted the agency’s network server but failed to gain access to sensitive information. JAXA is responsible for developing and launching satellites into orbit and is also involved in advanced missions such as asteroid exploration and potential human exploration of the moon.

Japan’s aerospace exploration agency (JAXA) was hit by a cyberattack, a government representative said during the briefing on Wednesday.

The unknown hackers reportedly targeted the agency’s network server but failed to gain access to sensitive information. JAXA is responsible for developing and launching satellites into orbit and is also involved in advanced missions such as asteroid exploration and potential human exploration of the moon.

JAXA did not disclose the exact timing of the incident, but sources within the agency told Japanese media that the system was likely hacked during the summer. They only became aware of the hack when contacted by law enforcement this fall.

According to Japanese newspaper Yomiuri Shimbun, the hackers gained unauthorized access to JAXA’s central Active Directory server. The directory manages information such as employee IDs and passwords, as well as viewing privileges.

Another local media outlet, Nippon, reported that the hackers allegedly exploited a vulnerability disclosed by a network equipment manufacturer in June of this year, citing sources within the agency. The manufacturer’s name wasn’t mentioned.

During the investigation, the agency temporarily shut down a part of its network to assess the extent of the incident. An official at the agency said no data leaks have been confirmed so far. JAXA did not respond to the request for comment.

As of now, its website is up and running, and the agency has even published a press release today regarding the rescheduling of the rocket launch due to weather conditions.

This is not the first time JAXA has been hit by a cyberattack. In 2016 and 2017, it was among 200 Japanese companies and research institutes allegedly targeted by Chinese military hackers.

In the JAXA case, a Chinese systems engineer based in Japan allegedly gained access to a rental server by registering under a false identity to launch the cyberattacks, investigators said. The case against the man was dropped in October 2021 without specifying the reason.

The attack on JAXA comes amid a wave of incidents targeting large Japanese companies in recent months.

Earlier in November, Japan’s manufacturing giant Aviation Electronics said that it was hit by a cyberattack. In August, suspected Chinese hackers breached Japan’s cybersecurity agency and potentially accessed sensitive data stored on its networks for nine months.

Other Japanese companies targeted by hackers include Yamaha, Seiko, Casio, pharmaceutical company Eisai, and the largest trading port in Japan.

BriefsCybercrimeGovernment
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Experts warn of critical ownCloud vulnerability being exploited

Next Post

British Afrobeat singer pleads guilty to stealing $6 million in hacks on financial accounts

Related Posts

BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?

The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site's online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
Avatar
Read More