Japan space agency impacted by cyberattack

Japan's national space agency, the Japan Aerospace Exploration Agency (JAXA), has confirmed that it's been targeted by a cyberattack. JAXA emphasized that despite the breach, critical information related to rocket and satellite operations remained secure and was not accessed by the hackers.

The attackers have used a  vulnerability in JAXA's network equipmen to achieve unauthorized access, but specific details, including the precise timing of the cyberattack are not disclosed.

The issue came to light after JAXA received a warning from an unnamed external organization. This prompted JAXA to conduct an internal investigation to assess the extent of the breach.

Various Japanese media outlets suggest that the cyberattack took place during the summer but JAXA was not informed until the autumn.

Update - as of 11th July 2024, JAXA updates that the incident was facilitated by exploiting vulnerabilities in their VPN devices and Microsoft 365 security. The attackers used multiple unknown malwares, which complicated detection and response efforts. JAXA's cybersecurity defenses did not detect the breach during or after the incident.

 Following the breach, JAXA identified that personal information of its employees might have been compromised, although the extent of data accessed remains uncertain.