NASA and ISS data stolen from Japanese space agency
JAXA finds second 'virus' on PC of employee
Sensitive data on a Japanese-designed space vehicle used to supply the International Space Station (ISS) appears to have been compromised after the country’s space agency admitted it had discovered a Trojan infection on one of its employee’s computers.
Japan’s Aerospace Exploration Agency (JAXA) discovered the latest infection on 6 January affecting the same employee whose PC had been hit by malware after opening an infected attachment last July.
That infection was only discovered a month later and is now believed to have led to the loss of data including up to 1,000 email addresses, login details for the agency’s intranet, and NASA documents covering operation of the ISS.
Related Articles on Techworld
Given the employee’s work on the JAXA H-II Transfer vehicle (HTV), nicknamed ‘Konotori’, the agency is worried that the latest infection could also have given attackers access to data on the project.
"Information stored in the computer as well as system information that is accessible by an employee have been leaking outside. We are now confirming the leaked information and investigating the cause," a statement put out by the agency and translated by Japanese press said.
"With the above backdrop, passwords for all accessible systems from the computer have been immediately changed in order to prevent any abuse of possibly leaked information, and we are currently investigating the scale of damage and the impact. Also, all other computer terminals are being checked for virus infections."
The H-II is an unmanned vehicle used to ferry supplies to the ISS and was first launched in 2009 with a second take-off scheduled for next Sunday, 22 January.
NASA and the ISS have a chequered history when it comes to hacking and data breaches.
Last November, a Romanian man was arrested after being accused of breaking into the agency’s servers. In 2008, NASA confirmed that a laptop taken to the International Space Station had become infected with a common worm, Gammima.AG.
The country itself has suffered a spate of embarrassing malware infections in Government systems, including an attack on defence contractors, on its politicians and diplomatic offices. As with the apparent JAXA attack, Trojans designed to steal data were involved in each case; a picture is now building of a concerted attack during 2011 on the country's infrastructure by criminals or a foreign intelligence service.