Initial Disclosure Date: Jul 10, 2013
On April 18, 2013, during a periodic inspection, the Japan Aerospace Exploration Agency (JAXA) discovered that someone had broken into a server connected to the Internet. (footnote:1)
According to a JAXA press release dated July 2nd, the culprit broke into five information systems between April 13th and 22nd, using a legitimate ID and password. As a result, the attacker stole technical information on the Japanese Experiment Module KIBO and the H-II Transfer Vehicle KONOTORI for the International Space Station, as well as email addresses of JAXA officials. (footnote:2)
After April 13th, brute-force attacks were launched via China and the United States against the information system of a JAXA section that runs KIBO. (footnote:3) The attacks succeeded in stealing some information, including the ID and password of a JAXA official. The culprit used these credentials to break into the other four information systems. (footnote:4)
JAXA decided to reconstruct the information system for KIBO and KONOTORI to prevent this type of incident. The agency will also introduce a multi-layered security system, enhance its information security, and provide information security education to its officials. (footnote:5)
While the 2013 incident used brute-force attacks, a 2011 incident against JAXA used the business card of a JAXA official to send a phishing email. In March 2011, right after the Great East Japan Earthquake, an official who works at the JAXA Tsukuba Space Center received an email titled “Flash Report on the Earthquake.” He immediately opened the attached PDF file, which resulted in a malware infection. (footnote:6)
In fact, there is a growing black market in the business cards of researchers who work at major companies or research institutes, which are often targeted by Advanced Persistent Threats. Yet because the Japanese government is decreasing research funding, scholars have to hand out many business cards to promote their names and research. This situation makes it difficult for them to stop putting their email addresses on their business cards. (footnote:7)
Sources: