Tag: computer hack

The recent computer hack of the European Space Agency was bigger than it admitted

9:00 am

After the European Space Agency (ESA) claimed in December that a computer hack that stole about 200 gigabytes of data was “limited,” it turns out that the agency had been hacked more than once preveious this past fall, and that the data stolen was far larger and apparently not limited at all.

The European Space Agency on Wednesday confirmed yet another massive security breach, and told The Register that the data thieves responsible will be subject to a criminal investigation. And this could be a biggie.

Earlier in the week, Scattered Lapsus$ Hunters told us that they gained initial access to ESA’s servers back in September by exploiting a public CVE, and stole 500 GB of very sensitive data. This, we’re told, includes operational procedures, spacecraft and mission details, subsystems documentation, and proprietary contractor data from ESA partners including SpaceX, Airbus Group, and Thales Alenia Space, among others.

And, according to the crims, the security hole remains open, giving them continued access to the space agency’s live systems.

“ESA is in the process of informing the judicial authorities having jurisdiction over this cyber incident to initiate a criminal inquiry,” an ESA spokesperson said via email. The agency declined to answer The Register’s specific questions about the intruders’ claims.

The article at the link outlines a slew of other hacks at ESA over the last decade. The agency seems unable to clean up its act.

2 comments

European Space Agency hacked

8:43 am

It appears some of the European Space Agency’s (ESA) servers have been hacked, with some of its internal data placed for sale on the web.

On 26 December, reports began to emerge on X claiming that ESA had suffered a significant data breach, with a hacker using the alias “888” offering more than 200 gigabytes of data for sale. According to the hacker’s listing, the allegedly compromised data included source code for proprietary software, sensitive project documentation, API tokens, and hardcoded credentials.

ESA has since issued a statement claiming the data breach was limited, but according to information posted on X, the breach included “Confidential internal documents (Airbus Defence & Space, Thales Alenia Space)” and “sensitive technical information related to space programs.”

I wouldn’t be surprised if China is bidding for this information right now. Then again, Europe’s space effort is so unimpressive compared to China that China might not see the information worth much.

14 comments

More details revealed of computer hacking of Japan’s space agency last year

9:24 am

According to a news article yesterday, the hacking of the computer systems of Japan’s space agency JAXA last year was far more extensive than first revealed, involving multiple attacks that obtained a great deal of data from many third parties, both governmental and commercial, and included the takeover of the accounts of five of JAXA’s nine-member board.

In the first attack, hackers stole the personal data of about 5,000 employees of JAXA and its related companies—nearly everyone with personal data on the computer network at the time. A JAXA investigation found that hackers took over accounts of about 200 of those individuals, including many senior JAXA officials, and gained unauthorized access to information, the sources said. The 200 hijacked accounts included those of about five directors on the nine-member board at the time, including President Hiroshi Yamakawa, the sources said. Hackers apparently targeted the accounts of directors and other senior officials who are authorized to access information on JAXA’s negotiations with outside parties, the sources said.

…According to the in-house investigation, Microsoft Corp.’s cloud service Microsoft 365 was compromised in the June 2023 cyberattack. More than 10,000 files of information stored on Microsoft 365 could have been leaked, the sources said. Of those, more than 1,000 files were provided by outside parties, including more than 40 companies and organizations with which JAXA had concluded non-disclosure agreements. Thse 40-plus entities include NASA, the European Space Agency, Toyota Motor Corp., Mitsubishi Heavy Industries Ltd. and the Defense Agency.

The source of the attacks was not indicated, but based on past hacks both of JPL and JAXA, China is the prime suspect. That country has routinely worked to steal technology from others. We should therefore not be surprised if Chinese space designs continue to resemble western concepts, down to the smallest nails.

2 comments

Japan’s space agency reveals it was hacked in 2023

9:02 am

Japan’s space agency JAXA today revealed that beginning in 2023 and periodically into this year it has been attacked repeatedly by hackers, with data from more than 10,000 files stolen.

Attacks occurred in June 2023 and multiple times a year, although investigations are ongoing regarding whether more information was stolen in this year’s attacks.

In addition to internal data, potentially compromised entities include NASA, Toyota Motor Corp., Mitsubishi Heavy Industries Ltd. and the Defense Ministry, with which JAXA has nondisclosure agreements. Information from numerous aerospace and defense-related organizations and companies was also exposed.

JAXA stated that no sensitive information related to national security or rocket technologies was stolen in last year’s breach. Personal data of approximately 5,000 JAXA personnel and employees from partner companies was used to access the Microsoft 365 accounts of JAXA executives.

It appears JAXA officials only found out about the attack when police told them about it months after the June 2023 attack. Agency officials now say no sensitive rocket or satellite data was stolen. Instead, it appears the attack targeted personal communications as well as research facilities.

The report provided no indication about the source of these attacks, but noted that a 2016 attack is known to have come from China.

One comment

Japan’s space agency JAXA was hacked this summer

10:12 am

According to officials of Japan’s space agency JAXA, its computer system was hacked this summer but only learned of that break-in recently.

The illegal access is believed to have occurred around summer, but JAXA was unaware of the attack until the police contacted the agency, according to the sources. A full investigation was launched after JAXA reported the cyber-attack to the Education, Culture, Sports, Science and Technology Ministry, which has jurisdiction over the agency.

Although no large-scale information leakage has been confirmed at this stage, an official related to JAXA said: “As long as the AD server was hacked, it was very likely that most of the information was visible. This is a very serious situation.”

Earlier hacks to JAXA’s systems have also occurred in 2016 and 2017, with the culprits identified as working under the direction of the Chinese military. It is very likely that China is involved this time as well. China has previously been identified as the perpetrator of hacks of JPL from 2009 to 2019, during which much of JPL’s files on its planetary missions was stolen. It was thus no surprise when later Chinese planetary missions looked like upgraded copycats of those missions.

Why China is attempting to steal anything from Japan’s space program is puzzling however, considering its recent failures. If anything, China’s space program is presently far more advanced than Japan’s, and it should be Japan trying to steal from China.

6 comments

Government still hasn’t notified individuals whose personal data was hacked

10:15 pm

Government marches on! Months after the federal government admitted publicly that the personal data of more than 20 million government employees had been hacked they still have not sent notifications to those millions.

Instead, they’ve turned this into an opportunity to spend taxpayer money for their friends!

The agency whose data was hacked, the Office of Personnel Management (OPM), said the Defense Department will begin “later this month” to notify employees and contractors across the government that their personal information was accessed by hackers. OPM said notifications would continue over several weeks and “will be sent directly to impacted individuals.”

OPM also announced that it hired a contractor to help protect the identities and credit ratings of employees whose data was hacked. In a statement, OPM said it had awarded a contract initially worth more than $133 million to a company called Identity Theft Guard Solutions LLC, doing business as ID experts, for identity theft protections for the 21.5 million victims of the security data breach. The contractor will provide credit and identity monitoring services for three years, as well as identity theft insurance, to affected individuals and dependent children aged under 18, the agency said.

I wonder if Theft Guard Solutions donated campaign money to Obama in order to get the contract. I don’t know, but I wouldn’t be surprised. I also wonder if they are as incompetent at this work as the company the Obama administration hired to build the Obamacare website. I also don’t know this, but I also wouldn’t be surprised if they screw up just as badly.

One comment

CIA admits it hacked the Senate’s computers

12:40 pm

These people should be fired, then imprisoned: The CIA today admitted that illegally hacked into the Senate’s computer system.

Oh wait, I have a better idea! Let’s put them in charge of our healthcare and patrolling the borders and our tax system and space exploration and climate research and any number of other important issues of the day in which we need honesty, ethics, reliability, and competence!

2 comments