Photo/Illutration A logo of Japan Aerospace Exploration Agency (JAXA) is seen in front of an entrance at the JAXA Tokyo Office in Chiyoda Ward. (Asahi Shimbun file photo)

Hackers behind a cyberattack on the Japan Aerospace Exploration Agency last year hijacked the accounts of about five board directors, including its president, apparently to access information on space exploration and national security, sources said.

Japan’s space agency has been hit by four cyberattacks since June 2023.

In the first attack, hackers stole the personal data of about 5,000 employees of JAXA and its related companies—nearly everyone with personal data on the computer network at the time.

A JAXA investigation found that hackers took over accounts of about 200 of those individuals, including many senior JAXA officials, and gained unauthorized access to information, the sources said.

The 200 hijacked accounts included those of about five directors on the nine-member board at the time, including President Hiroshi Yamakawa, the sources said.

Hackers apparently targeted the accounts of directors and other senior officials who are authorized to access information on JAXA’s negotiations with outside parties, the sources said.

The hijacked accounts also included those of senior officials in charge of policy issues and budget affairs, the sources said.

According to the in-house investigation, Microsoft Corp.’s cloud service Microsoft 365 was compromised in the June 2023 cyberattack.

More than 10,000 files of information stored on Microsoft 365 could have been leaked, the sources said.

Of those, more than 1,000 files were provided by outside parties, including more than 40 companies and organizations with which JAXA had concluded non-disclosure agreements.

Thse 40-plus entities include NASA, the European Space Agency, Toyota Motor Corp., Mitsubishi Heavy Industries Ltd. and the Defense Agency.

The information that could have been leaked mostly belonged to JAXA’s Strategic Planning and Management Department, the JAXA Space Exploration Center and JAXA’s Human Spaceflight Technology Directorate, among other divisions, the sources said.

The JAXA Space Exploration Center is responsible for the NASA-led Artemis international lunar exploration program. Toyota is participating in development of a manned lunar rover for the program.

Among the leaked files that were covered by non-disclosure agreements, the largest number of files were related to Toyota.

The files also included those about entities involved in space exploration and national security, such as NASA and Mitsubishi Heavy Industries.

JAXA released an outline in July of the damage caused by these cyberattacks.

At the time, officials said they had not received any reports of significant disruptions to the operations of the entities affected.

When asked in September about the suspected hijacking of the senior officials’ accounts, JAXA declined to discuss details.

“We understand that nothing has occurred that would make it difficult to carry out operations, including cooperation with domestic and foreign organizations, but we take the incidents seriously as a matter that could undermine relationships of trust. We are working to further improve security,” JAXA said.

(This article was written by Takahiro Takenouchi and Ryo Sasaki.)

Related News