The Japanese Space Exploration Agency (JAXA) recently discovered that it was under attack using zero-day exploits while working with Microsoft to investigate a 2023 cyberattack on its systems.
While the 2023 breach did result in some personal information being accessed through M365, JAXA reassured the public that sensitive data related to launch vehicles and satellite operations remained secure. The agency also emphasized that their partnerships, both domestic and international, were unaffected by the attack.
The investigation revealed that the attack began with unauthorized access to Microsoft 365 (M365), which was later discovered to have resulted in the exposure of personal data. JAXA worked closely with Microsoft to probe the incident and found no further breaches.
However, the agency’s statement also revealed the discovery of malware found and removed by an actor other than Microsoft.
JAXA also detected and responded to multiple unauthorized accesses to its network since January of this year, including zero-day attacks. Although no information was compromised, the agency took swift action to strengthen its monitoring and remote access security.
This is not the first time JAXA has faced a cyberattack. The agency was breached in both 2016 and 2012. The 2016 attack led to the arrest of a Chinese national affiliated with the Chinese Communist Party (CCP) and living in Japan.
The 2023 attack has not publicly been attributed to a person or organization, and it remains to be seen whether legal action will be taken.