Original URL: https://www.theregister.com/2012/01/17/japan_space_agency_malware_scare/

Japanese boffins fear virus nicked spacecraft blueprints

Tokyo, we have a problem

By John Leyden

Posted in Science, 17th January 2012 12:03 GMT

Japanese space engineers have admitted one of their computers has been infected by a Trojan that may have leaked sensitive data, including system login information, to hackers.

The breach also exposed blueprints stored in the attacked terminal, according to a statement by the Japanese Aerospace Exploration Agency (JAXA). Information potentially divulged by the malware includes data related to the H-II cargo transfer vehicle that is used to ferry equipment to the International Space Station.

The infected computer was removed from the agency's network as soon as a red flag was raised over its erratic behaviour last August. Subsequent analysis revealed evidence of a virus infection. The machine was "cleaned up" before it was returned to use.

The same computer began playing up again earlier this month. A subsequent - and more thorough - investigation revealed the presence of a different species of malware. Logs revealed that data was extracted from the compromised machine between early July 2011 and 11 August 2011, or around a month before malware infection was first detected.

Data exposed by the breach may have included emails, technical specifications and operational information as well as login credentials. The space agency has reset potentially exposed passwords while it continues to investigate the scope of the breach.

The attack on JAXA follows a run of similar cyber-assaults against the Japanese government and industrial giants. Last September Mitsubishi Heavy Industries acknowledged that it had become the victim of the most high-profile of these cyber-attacks. The Japanese parliament confirmed it had been hit by another assault in October. Both attacks were blamed on Chinese hackers. ®