Japan's space agency, the Japan Aerospace Exploration Agency (JAXA), recently revealed that it has suffered a cyber attack leading to unauthorized access to its systems.
The incident first came to light when JAXA's chief cabinet secretary Hirokazu Matsuno mentioned it during a press briefing on November 30th. He stated that JAXA suspects a breach of its Active Directory implementation, which allows central authentication and authorization on a Windows network.
Active Directory Breach Enables Wider Access
An Active Directory compromise can allow attackers to gain far-reaching access to an organization's systems and data by acquiring compromised credentials. Once in control of the directory, attackers may be able to obtain credentials, escalate privileges, and move laterally across the network.
After detecting the cyber attack, JAXA proceeded to shut down parts of its network, including an intranet system, while it investigated the extent of the breach with the help of cybersecurity professionals.
No Sensitive Data Believed Stolen
Per Secretary Matsuno, early analysis suggests that no sensitive information was stolen in the incident. However, the Japanese government has asked JAXA to implement countermeasures, adding that early research suggests no sensitive information was stolen.
This is not the first time JAXA has faced cyber attacks. The agency suffered breaches earlier in 2016 and 2012 as well. Space agencies and aerospace companies are attractive targets for cyber espionage given the cutting-edge research and technology developments taking place.