Japan Aerospace Agency hit by ransomware attacks

Japan Aerospace Exploration Agency, commonly referred to as JAXA, recently fell victim to a cyber attack believed to be a ransomware variant.
While an official confirmation on the nature of the cyber incident has been issued, specific details regarding the ransomware remain under investigation.
According to a source within JAXA, it is suspected that the system may have been compromised during the summer of this year.
The breach was only detected during routine IT audits, highlighting the sophisticated nature of the attack.
Reports from Yomiuri Shimbun, a prominent Japanese newspaper, suggest that the security breach might have occurred through the exploitation of vulnerabilities in the Active Directory Servers.
Credentials may have been illicitly obtained through phishing or other means, as clarified by the newspaper.
This cyber attack on JAXA bears resemblance to a large-scale incident that unfolded in 2016 and 2017.
Subsequent investigations by the government revealed the involvement of the Chinese People's Liberation Army, leading to the indictment of a member linked to the Communist Party of China.
In response to the recent incident, JAXA has promptly notified law enforcement and government officials.
As a precautionary measure, the agency has taken steps to contain the potential repercussions by temporarily shutting down its intranet services.
In the context of geopolitical tensions in Asia, neighboring nations often find themselves entangled in border conflicts.
The strained relations between China and Japan, influenced by various catalysts, contribute to the heightened concerns regarding cyber attacks.
The year 2023 has seen a surge in cyber threats targeting Japanese companies.
Notably, entities such as Seiko, Yamaha, Casio, and EISAI, a major trading port in Japan, have also faced cyber intrusions, raising alarm bells across various sectors.


This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Fri, 01 Dec 2023 23:06:57 +0000


Cyber News related to Japan Aerospace Agency hit by ransomware attacks

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Dark Web Tool Arms Ransomware Gangs: E-commerce & Aviation Industries Targeted - Cybersecurity researchers have published two concerning reports where the first report highlights the surge in cyber attacks against the aviation and aerospace industries - And the second report exposes a dark web tool called TMChecker fueling ...
9 months ago Hackread.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
10 months ago Techrepublic.com
Japanese Space Agency JAXA hacked in summer cyberattack - The Japan Aerospace Exploration Agency was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk. The security breach was discovered this autumn when law enforcement authorities alerted ...
1 year ago Bleepingcomputer.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
11 months ago Blog.checkpoint.com
Japan Aerospace Agency hit by ransomware attacks - Japan Aerospace Exploration Agency, commonly referred to as JAXA, recently fell victim to a cyber attack believed to be a ransomware variant. While an official confirmation on the nature of the cyber incident has been issued, specific details ...
1 year ago Cybersecurity-insiders.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
11 months ago Securityboulevard.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
10 months ago Malwarebytes.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
11 months ago Unit42.paloaltonetworks.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com
Japan's Space Program at Risk After Microsoft Active Directory Breach - Japan's Space Exploration Agency reported this week that it experienced a cyber incident this past summer stemming from a breach of Microsoft Active Directory - raising concerns that nation-state actors might be after the country's space program ...
1 year ago Darkreading.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
11 months ago Feeds.fortinet.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
7 months ago Bleepingcomputer.com
Best Ransomware Protection Practices for Midsize Organizations - Ransomware Protection has emerged as a crucial step in cybersecurity since ransomware attacks have become a major threat to businesses of all sizes, including midsize organizations. Ransomware attacks can be delivered via email attachments or links, ...
11 months ago Securityboulevard.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
10 months ago Securityboulevard.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
11 months ago Bleepingcomputer.com
Frameworks, Guidelines & Bounties Alone Won't Defeat Ransomware - COMMENTARY. The US government is ramping up efforts to stem the increasingly disruptive scourge of ransomware attacks. The State Department recently offered up to $15 million for information on LockBit, and $10 million for information on the ...
8 months ago Darkreading.com
Ransomware Attack Leaks Sensitive Info on 200,000 Indianapolis Housing Agency Residents - The Indianapolis Housing Agency is notifying more than 200,000 people that their information, including Social Security numbers and more, was leaked during a ransomware attack that began in September. The federally-funded agency is responsible for ...
1 year ago Therecord.media
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
10 months ago Bleepingcomputer.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
9 months ago Bleepingcomputer.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
2 months ago Securelist.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)