Nato preiskuje uhajanje podatkov, ukradenih prodajalcu izstrelkov v temnem spletu

Nato preiskuje uhajanje podatkov, ki naj bi bili ukradeni iz evropskega podjetja za raketne sisteme, ki so jih hekerji dali v prodajo na temnem spletu, glede na objavljeno poročilo.

Razkriti podatki vključujejo načrte orožja, ki ga je Ukrajina uporabljala v trenutni vojni z Rusijo.

Podjetje za integrirano obrambo MBDA Missile Systems s sedežem v Franciji je priznalo, da so podatki iz njegovih sistemov del predpomnilnika, ki ga akterji groženj prodajajo na hekerskih forumih po tem, kar se zdi, da gre za napad z izsiljevalsko programsko opremo.

Contradicting the cyberattackers’ claims in their ads, nothing up for grabs is classified information, MBDA said. It added that the data was acquired from a compromised external hard drive, not the company’s internal networks.

NATO, meanwhile, is “assessing claims relating to data allegedly stolen from MBDA,” a NATO official told Dark Reading on Monday.

“We have no indication that any NATO network has been compromised,” the official said.

Dvojno izsiljevanje

MBDA acknowledged in early August that it was “the subject of a blackmail attempt by a criminal group that falsely claims to have hacked the company’s information networks,” v postu na svoji spletni strani.

Podjetje je zavrnilo plačilo odkupnine in tako so podatki pricurljali za prodajo na spletu, piše v objavi.

Natančneje, akterji groženj prodajajo 80 GB ukradenih podatkov na forumih v ruskem in angleškem jeziku s ceno 15 bitcoinov, kar je približno 297,279 $, glede na Poročilo z BBC, ki je v petek objavil novico o Natovi preiskavi. Pravzaprav kibernetski kriminalci trdijo, da so že prodali podatke vsaj enemu kupcu.

NATO is investigating one of the firm’s suppliers as the possible source of the breach, according to the report. MBDA is a joint venture between three key shareholders: AirBus, BAE Systems, and Leonardo. Though the company operates out of Europe, it has subsidiaries po vsem svetu, vključno z MBDA Missile Systems v Združenih državah Amerike.

Podjetje sodeluje z oblastmi v Italiji, kjer je prišlo do kršitve.

MBDA je lani zabeležila 3.5 milijarde dolarjev prihodkov in med svoje stranke šteje Nato, ameriško vojsko in ministrstvo za obrambo Združenega kraljestva.

Zaupni podatki & Ukrajina

Hackers claimed in their ad for the leaked data to have “classified information about employees of companies that took part in the development of closed military projects,” as well as “design documentation, drawings, presentations, video and photo materials, contract agreements, and correspondence with other companies,” according to the BBC.

Med vzorčnimi datotekami v 50-megabajtni zalogi, ki si jo je ogledal BBC, je predstavitev, ki prikazuje načrte Land Ceptor Common Anti-Air Modular Missile (CAMM), vključno z natančno lokacijo elektronske pomnilniške enote v njej. Ena od teh raket je bila nedavno poslana na Poljsko za uporabo v ukrajinskem konfliktu kot del sistema Sky Sabre in je trenutno operativna, glede na poročilo.

To bi lahko dalo namig o motivih akterjev groženj; Začele so se napredne trajne grožnje (APT), usklajene z Rusijo udaril v Ukrajino s kibernetskimi napadi še pred rusko uradno invazijo 24. feb.

Po začetku konflikta na terenu so akterji grožnje še naprej dušili Ukrajino z Kibernetske vojne podpirati ruska vojaška prizadevanja.

The sample data viewed by the BBC also included documents labelled “NATO CONFIDENTIAL,” “NATO RESTRICTED,” and “Unclassified Controlled Information,” according to the report. At least one stolen folder contains detailed drawings of MBDA equipment.

The criminals also sent by email documents to the BBC including two marked “NATO SECRET,” according to the report. The hackers did not confirm whether the material had come from a single source or more than one hacked source.

Nonetheless, MBDA insists that the verification processes that the company has executed so far “indicate that the data made available online are neither classified data nor sensitive.”