Japan’s space agency says it is investigating a possible leak of data about its Epsilon rocket, to be launched next year, due to a computer virus. The Japan Aerospace Exploration Agency says an infected computer was disconnected from its networks after a virus was found earlier this month. It is checking to see if any data was siphoned from it. The agency said it is tightening security to prevent any further leaks.
It was shocking for me to see that for a project of such high confidentiality and importance, security is done so poorly. Such security exploits are not rare. For instance, Sony was hacked 1 year ago and lost lots of its user data. I think the take-away is that every engineers should have some basic understanding of security in addition to their domain specific expertise. Only in this way, can we build safe applications/services that are robust against attacks.
While i was just following the story to see whether JAXA was able to find out the reason behind this leak. Till yesterday they haven’t found any thing concrete and they are still suspecting that whether the attack was deliberate or was just a mistake. But going back in March 2012 somewhat same event had happened where one of the employee’s machine got compromised because it was not updated from long time.
This raises a doubt if the attempt of data breach had already taken place once in the month of march and again similar event has taken place whose sole purpose was again data stealing, so why JAXA hasn’t improved their security after the first attempt only?
References:
1)http://news.softpedia.com/news/Japanese-Space-Agency-Epsilon-Rocket-Details-Possibly-Stolen-by-Spyware-311334.shtml?utm_source=dlvr.it&utm_medium=twitter
2)http://www.jaxa.jp/press/2012/03/20120327_security_e.html