The Japanese Aerospace Exploration Agency (JAXA) is the latest high profile government agency in that country found to be infected with a computer virus.
According to a JAXA press release, information stored on an employee computer terminal as well as system information accessible to the employee operating it were compromised as a result. That could include data related to the H-II transfer vehicle (HTV), a vessel that transports cargo to the International Space Station.
The Agency detected an anomaly in the infected computer’s behavior on August 11, 2011, and disconnected it from the network. Further analysis revealed that the strange behavior was the result of a computer virus. Earlier this month JAXA found traces of a second virus that had been used to gather information about the computer. They have also determined that the infected machine transferred certain data outside the network sometime between July 6, 2011 and August 11, 2011.
Stored mail addresses, specification and operation information, and system log-in data accessed from the computer are suspected to be among the information leaked. The Agency has changed the passwords for all the systems accessible to the infected computer in order to curb the leaking of further information. They are continuing to investigate the scale, content, and impact of the breach.
The attack on JAXA coincides with a string of similar attacks on the country’s political and defense establishment. In September, 2011, Mitsubishi Heavy Industries admitted that it had been the target of a sophisticated cyber attack – the first such publicly acknowledged attack on Japan’s defense industry. October, 2011, hackers believed to be working for the People’s Republic of China compromised computers belonging to the Japanese Parliament. That same month, an attack compromised Japanese embassies in various countries.
