More details revealed of computer hacking of Japan’s space agency last year

According to a news article yesterday, the hacking of the computer systems of Japan’s space agency JAXA last year was far more extensive than first revealed, involving multiple attacks that obtained a great deal of data from many third parties, both governmental and commercial, and included the takeover of the accounts of five of JAXA’s nine-member board.

In the first attack, hackers stole the personal data of about 5,000 employees of JAXA and its related companies—nearly everyone with personal data on the computer network at the time. A JAXA investigation found that hackers took over accounts of about 200 of those individuals, including many senior JAXA officials, and gained unauthorized access to information, the sources said. The 200 hijacked accounts included those of about five directors on the nine-member board at the time, including President Hiroshi Yamakawa, the sources said. Hackers apparently targeted the accounts of directors and other senior officials who are authorized to access information on JAXA’s negotiations with outside parties, the sources said.

…According to the in-house investigation, Microsoft Corp.’s cloud service Microsoft 365 was compromised in the June 2023 cyberattack. More than 10,000 files of information stored on Microsoft 365 could have been leaked, the sources said. Of those, more than 1,000 files were provided by outside parties, including more than 40 companies and organizations with which JAXA had concluded non-disclosure agreements. Thse 40-plus entities include NASA, the European Space Agency, Toyota Motor Corp., Mitsubishi Heavy Industries Ltd. and the Defense Agency.

The source of the attacks was not indicated, but based on past hacks both of JPL and JAXA, China is the prime suspect. That country has routinely worked to steal technology from others. We should therefore not be surprised if Chinese space designs continue to resemble western concepts, down to the smallest nails.

Japan’s space agency reveals it was hacked in 2023

Japan’s space agency JAXA today revealed that beginning in 2023 and periodically into this year it has been attacked repeatedly by hackers, with data from more than 10,000 files stolen.

Attacks occurred in June 2023 and multiple times a year, although investigations are ongoing regarding whether more information was stolen in this year’s attacks.

In addition to internal data, potentially compromised entities include NASA, Toyota Motor Corp., Mitsubishi Heavy Industries Ltd. and the Defense Ministry, with which JAXA has nondisclosure agreements. Information from numerous aerospace and defense-related organizations and companies was also exposed.

JAXA stated that no sensitive information related to national security or rocket technologies was stolen in last year’s breach. Personal data of approximately 5,000 JAXA personnel and employees from partner companies was used to access the Microsoft 365 accounts of JAXA executives.

It appears JAXA officials only found out about the attack when police told them about it months after the June 2023 attack. Agency officials now say no sensitive rocket or satellite data was stolen. Instead, it appears the attack targeted personal communications as well as research facilities.

The report provided no indication about the source of these attacks, but noted that a 2016 attack is known to have come from China.

Japan’s space agency JAXA was hacked this summer

According to officials of Japan’s space agency JAXA, its computer system was hacked this summer but only learned of that break-in recently.

The illegal access is believed to have occurred around summer, but JAXA was unaware of the attack until the police contacted the agency, according to the sources. A full investigation was launched after JAXA reported the cyber-attack to the Education, Culture, Sports, Science and Technology Ministry, which has jurisdiction over the agency.

Although no large-scale information leakage has been confirmed at this stage, an official related to JAXA said: “As long as the AD server was hacked, it was very likely that most of the information was visible. This is a very serious situation.”

Earlier hacks to JAXA’s systems have also occurred in 2016 and 2017, with the culprits identified as working under the direction of the Chinese military. It is very likely that China is involved this time as well. China has previously been identified as the perpetrator of hacks of JPL from 2009 to 2019, during which much of JPL’s files on its planetary missions was stolen. It was thus no surprise when later Chinese planetary missions looked like upgraded copycats of those missions.

Why China is attempting to steal anything from Japan’s space program is puzzling however, considering its recent failures. If anything, China’s space program is presently far more advanced than Japan’s, and it should be Japan trying to steal from China.

Government still hasn’t notified individuals whose personal data was hacked

Government marches on! Months after the federal government admitted publicly that the personal data of more than 20 million government employees had been hacked they still have not sent notifications to those millions.

Instead, they’ve turned this into an opportunity to spend taxpayer money for their friends!

The agency whose data was hacked, the Office of Personnel Management (OPM), said the Defense Department will begin “later this month” to notify employees and contractors across the government that their personal information was accessed by hackers. OPM said notifications would continue over several weeks and “will be sent directly to impacted individuals.”

OPM also announced that it hired a contractor to help protect the identities and credit ratings of employees whose data was hacked. In a statement, OPM said it had awarded a contract initially worth more than $133 million to a company called Identity Theft Guard Solutions LLC, doing business as ID experts, for identity theft protections for the 21.5 million victims of the security data breach. The contractor will provide credit and identity monitoring services for three years, as well as identity theft insurance, to affected individuals and dependent children aged under 18, the agency said.

I wonder if Theft Guard Solutions donated campaign money to Obama in order to get the contract. I don’t know, but I wouldn’t be surprised. I also wonder if they are as incompetent at this work as the company the Obama administration hired to build the Obamacare website. I also don’t know this, but I also wouldn’t be surprised if they screw up just as badly.

CIA admits it hacked the Senate’s computers

These people should be fired, then imprisoned: The CIA today admitted that illegally hacked into the Senate’s computer system.

Oh wait, I have a better idea! Let’s put them in charge of our healthcare and patrolling the borders and our tax system and space exploration and climate research and any number of other important issues of the day in which we need honesty, ethics, reliability, and competence!