Cyber-Attack Hit Japan Space Agency JAXA’s Central Server This Summer

Yomiuri Shimbun file photo
The logo of the Japan Aerospace Exploration Agency

A cyber-attack hit the Japan Aerospace Exploration Agency this summer, raising fears that sensitive information related to Japan’s space program had been exposed, according to sources.

The central server known as Active Directory that manages JAXA’s network had been illegally accessed, the sources close to the agency said.

JAXA is working with the central government and police to quickly uncover the full extent of the problem, they said.

Connected to the organization’s main network, the directory manages information such as employee IDs and passwords, as well as viewing privileges.

The police detected the unauthorized access in autumn and reported it to JAXA.

The illegal access is believed to have occurred around summer, but JAXA was unaware of the attack until the police contacted the agency, according to the sources.

A full investigation was launched after JAXA reported the cyber-attack to the Education, Culture, Sports, Science and Technology Ministry, which has jurisdiction over the agency.

Although no large-scale information leakage has been confirmed at this stage, an official related to JAXA said: “As long as the AD server was hacked, it was very likely that most of the information was visible. This is a very serious situation.”

JAXA plans to clarify the actual situation and to check the vulnerability of the network as soon as possible, the sources said.

Established in 2003, JAXA is a national research and development corporation that plays a central role in Japan’s space program.

JAXA has been extensively involved in rocket launches, manned space exploration and asteroid exploration. In recent years, the agency has been working with the Defense Ministry in security, including satellite and space debris monitoring.

The agency was also a target when Japanese defense-related companies suffered large-scale cyber-attacks in 2016 and 2017.

In April 2021, the Metropolitan Police Department concluded that a hacker group under the direction of the Chinese military was the source of those cyber-attacks.

The MPD sent papers on a Chinese Communist Party member to the Tokyo District Public Prosecutors Office on suspicion of illegally creating and providing private electronic records. The case against the man was dropped in October of that year.

The source of this summer’s cyber-attack has not yet been identified, but it is likely that the attack was aimed at sensitive information in JAXA’s possession.

The government is seeking early passage of a bill in the current Diet session to establish a ¥1 trillion fund for JAXA to boost the domestic space industry. Strengthening cybersecurity is an urgent task for JAXA.