Japanese Space Agency Investigates Active Directory HackPolice Detected Hack and Notified Consolidated JAXA Space Agency
The Japanese space exploration agency is investigating a cyberattack this summer that reportedly targeted an Active Directory server. Police detected the attack and alerted the space agency, which claims hackers did not access any personal information.
Chief Cabinet Secretary of Japan Hirokazu Matsuno today announced in a press conference that the Japan Aerospace Exploration Agency had been the subject of a cyberattack that targeted an internal server and that the agency had initiated a partial network shutdown to investigate the incident.
He said the government had directed JAXA to implement countermeasures and is providing expertise and support to help the agency investigate the cybersecurity incident. "JAXA believes that no personal information was involved," Matsuno added.
Formed in 2003 through a merger of three national aerospace research agencies, JAXA conducts space research, satellite development and outer space exploration. The agency has also participated in environmental research, earth observation and testing of communication technologies.
A source close to JAXA told Japanese news agency Yomiuri Shimbun that during the summer threat actors had targeted a central Active Directory server that was connected to the organization's main network and managed employee IDs and passwords and viewing privileges.
"As long as the AD server was hacked, it was very likely that most of the information was visible. This is a very serious situation," an unnamed JAXA official told the news agency. The incident was reported to the Ministry of Education, Culture, Sports, Science and Technology.
The attack occurred days after the government had announced plans to establish a 10-year, $6.6 billion fund to help JAXA boost space research and development activities. "We believe it is a necessary fund to speed up our country's space development, so we don't lag behind the increasingly intensifying international competition," said Sanae Takaichi, minister in charge of space development.
In its national security strategy in December 2022, Japan identified space as a strategic frontier and proposed tighter cooperation between JAXA and the Self-Defense Forces to better respond to security threats. Recognizing space as indispensable for economic and social progress, the government said it will "drive forward measures to capitalize on Japan's overall space-related capabilities in the field of security."
JAXA and its research program are prime targets for nation-state espionage attacks. Japanese authorities in 2021 accused Chinese military spies of breaching the networks of more than 200 domestic companies engaged in defense and aviation research, including JAXA.
The latest cyberattack, which JAXA failed to detect on its own, raises concerns over rising threats to research agencies worldwide. S. Somanath, chairman of the Indian Space Research Organization, told The Times of India in October that his agency faces more than 100 hacking attempts a day.
In August, U.S. intelligence agencies also warned that unnamed foreign intelligence entities had targeted the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities (see: Foreign Intelligence Entities Eyeing US Space Agencies).