Japan Aerospace Exploration Agency (JAXA) recently experienced a cyber attack, suspected to be a ransomware variant. The details of the attack are still under investigation, but it is believed that the breach occurred during the summer and was only discovered during routine IT audits. Reports suggest that the attack may have exploited vulnerabilities in the Active Directory Servers and involved the illicit acquisition of credentials through phishing or other means. This incident bears resemblance to a previous cyber attack in 2016 and 2017, which was linked to the Chinese People’s Liberation Army. In response, JAXA has notified law enforcement and government officials and has temporarily shut down its intranet services to contain the potential repercussions. This attack is part of a larger surge in cyber threats targeting Japanese companies in 2023, including Seiko, Yamaha, Casio, and EISAI.
Key points:
1. Japan Aerospace Exploration Agency (JAXA) recently fell victim to a cyber attack believed to be ransomware.
2. The breach was discovered during routine IT audits, highlighting the sophistication of the attack.
3. Reports suggest that the attack may have exploited vulnerabilities in Active Directory Servers and involved the illicit acquisition of credentials.
4. This incident is similar to a previous cyber attack linked to the Chinese People’s Liberation Army.
5. JAXA has promptly notified authorities and temporarily shut down its intranet services as a precautionary measure.