Cyberattack Exposes Confidential Defence Data, Raising Security Concerns

 



A massive collection of classified defence documents has reportedly been stolen by hackers and put up for sale. The stolen information includes blueprints for a weapon, details about an upcoming Air Force facility, procurement strategies, and India's defence partnerships with other countries.  

Cybersecurity firm Athenian Tech, which analyzed the data, believes it was taken from the personal device of a former Defence Ministry official. Among the leaked files are emergency evacuation procedures for high-ranking government officials, including the President and Prime Minister, in the event of an aerial attack. This has raised serious concerns about national security.  


Defence Agency denies data breach

The Defence Research and Development Organisation (DRDO), which is responsible for developing military technology, is known for its strict security rules. Employees are not even allowed to carry personal mobile phones in certain areas. However, the stolen data has been linked to DRDO, raising concerns about how such critical information was accessed.  

Despite these claims, DRDO officials have denied that their systems were breached. They stated that the stolen files do not belong to their organization but have not provided further details to clarify the situation.  


Hackers Claim Responsibility 

A ransomware group called Babuk Locker 2.0 announced on March 10, 2025, that it was behind the attack. The hackers claim to have stolen 20 terabytes of sensitive defence data from DRDO’s servers, including classified military documents and login credentials. They released a small portion of this data, approximately 753 MB, as proof of their claims.  

The sample files include technical details about upgrades to the T9 Bhishma Tank, along with records of India’s defence collaborations with countries such as Finland, Brazil, and the United States.  

Athenian Tech examined conversations between the hackers and found that they were communicating in Indonesian, suggesting they may be based in Indonesia. However, after further analysis, the firm believes the hackers might have exaggerated the scale of the breach.  

The report indicates that much of the leaked data is linked to Puneet Agarwal, who served as a Joint Secretary in the Defence Ministry between 2019 and 2021. His personal information, including Aadhaar details, financial records, and travel documents, was found in the files. This suggests that the breach might have come from his personal device rather than DRDO’s secured internal network.


Major Security Risks 

The exposure of such sensitive information highlights major cybersecurity vulnerabilities. It raises concerns about insider threats and whether India’s defence infrastructure is adequately protected from sophisticated cyberattacks.  

Athenian Tech has stressed the need for stronger security measures, tighter access controls, and constant monitoring to prevent such incidents from happening again.  

One of the biggest concerns is that classified documents were stored on a personal device, which indicates serious gaps in data security policies. If the hackers also obtained login credentials, they could use them to infiltrate more secure systems and gain access to additional classified information.  

The US State Department was Recently Hit by a Cyber Attack

 

According to a Fox News correspondent, the US State Department was hit by a cyberattack, and the Department of Defense Cyber Command was notified of a potentially significant breach. The date of the breach is unknown, but it is thought to have occurred a few weeks ago, according to the Fox News reporter's Twitter thread. The current mission of the State Department to withdraw Americans and allies from Afghanistan has "not been harmed," according to the reporter. 

Without confirming any incident, a reliable source told Reuters that the State Department has not encountered any substantial disruptions and that its operations have not been hampered in any manner. On Saturday, a State Department official told CNBC that the agency "takes seriously its responsibility to safeguard its information and takes constant steps to ensure it is protected."

“For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time,” the spokesperson said. 

The Senate Committee on Homeland Security and Governmental Affairs gave the State Department's information security programme a D grade earlier this month, the lowest possible rating given by the government model. The panel found the department to be "ineffective in four of five function areas."

“Auditors identified weaknesses related to State’s protection of sensitive information and noted the Department did not have an effective data protection and privacy program in place,” it added. The Senate committee also found that the department was unable to demonstrate that it had implemented data security measures for information in transit and at rest.

According to a cybersecurity report by the Senate Committee, the agency was unable to provide documentation for 60% of the sample employees evaluated who had access to its classified network. On its classified and unclassified networks, the State Department left thousands of employee accounts active for significant periods of time after the employees had left the agency, in some cases as long as 152 days after they quit, retired, or were dismissed.

“Former employees or hackers could use those unexpired credentials to gain access to State’s sensitive and classified information, while appearing to be an authorized user,” the report stated.

FBI Analyst Charged for Stealing National Security Documents

 

An FBI employee with a top-secret security clearance has been indicted on charges that she illegally stored several national security documents and other national security information at home over more than a decade, the Justice Department stated on Friday. 

Kendra Kingsbury, a 48-year-old from Dodge City, Kansas, is accused of taking a range of materials between 2004 and 2017, many of which were marked secret because they discussed intelligence sources and methods containing information about operatives such as a suspected associate of Osama bin Laden. The files were from 2005 and 2006, when bin Laden, who engineered the Sept. 11 terrorist attacks, was alive and on the run from U.S. forces. 

The grand jury indictment, filed in the Western District of Missouri, alleges that Kingsbury illegally removed documents she was granted access to at work and stored them at home. She is charged with two counts of gathering, transmitting, or losing defense information, a felony that carries a maximum sentence of 10 years.

“The documents include information about al-Qaeda members on the African continent, including a suspected associate of Usama bin Laden,” the indictment reads. “In addition, there are documents regarding the activities of emerging terrorists and their efforts to establish themselves in support of al-Qaeda in Africa.”

Though Kingsbury held a top-secret security clearance and was assigned to squads covering a range of crimes and threats, she did not have a “need to know” the information in most of the documents, prosecutors say. However, the indictment does not provide a reason for why Kingsbury mishandled the documents, nor does it accuse her of having transmitted the information to anyone else. The Justice Department declined to elaborate beyond the indictment on Friday.

“As an intelligence analyst for the FBI, the defendant was entrusted with access to sensitive government materials. Insider threats are a significant danger to our national security, and we will continue to work relentlessly to identify, pursue and prosecute individuals who pose such a threat,” John Demers, assistant attorney general for the Justice Department’s National Security Division, said in a statement.

In 2018, the FBI collaborated with the Office of the Director of National Intelligence to set up an updated framework meant to guide the U.S. government’s National Insider Threat Task Force (NITTF). Last month the NITTF issued an advisory on protecting against insider threats to critical infrastructure entities, including those with work touching on the U.S. electric grid, telecommunications networks, and hospitals.