
Missile Supplier MBDA Breach Disclosed by CloudSEK

In July, a threat actor operating under the online alias Adrastea claimed to have breached MBDA. The threat actor describes itself as a team of independent cybersecurity experts and researchers.

According to Adrastea, they have taken 60 GB of sensitive data and discovered significant flaws in the organization's infrastructure. According to the attackers, the stolen material includes details about the remaining workforce participating in military programs, business ventures, contract agreements, and correspondence with other businesses.

A new advisory about the suspected hacking campaign against MBDA has been published by security researchers at CloudSEK. The blog post, published on Sunday, claimed that CloudSEK's researchers were successful in locating and decrypting the password-protected ZIP file holding the evidence for the data breach.

The hackers uploaded a post in which the password to unlock the file was mentioned. Two folders with the names 'MBDA' and 'NATO Diefsa' were included in the ZIP file.

The folder, according to the security professionals, contained files outlining the private personally identifiable information (PII) of MBDA's employees as well as numerous standard operating procedures (SOPs) supporting the need for NATO's Counter Intelligence to prevent threats related to terrorism, espionage, sabotage, and subversion (TESS).

The SOPs define NATO collection and plan functions, roles, and practices utilized in support of NATO operations and exercises. According to CloudSEK, "the SOPs also contain all IRM & CM (Intelligence Requirement Management and Collection Management) process activities that result in the successful and efficient execution of the intelligence cycle." 

Internal drawings of missile system wiring diagrams, electrical schematic diagrams, and records of actions connecting the MBDA to the European Union's Ministry of Defence were also apparently included in the retrieved papers. 

The cybersecurity firm made it clear that Adrastea's reputation as a threat actor is currently poor due to the numerous objections and concerns noted in the dark web forums where hackers purportedly posted the MBDA material. 

Furthermore, as this is the group's first known activity, it is challenging to determine whether the material posted is accurate. 


Hackers Sell Classified Data of Missile Firm MBDA, NATO Launches Investigation


Hackers claim classified data on sale

A cybercrime gang is selling confidential data stolen from MBDA Missile Systems, a European company that makes missiles and other weapons.

It was established in 2001 from a merger of British, Italian, and French companies. MBDA is the world's second-largest missile maker, the first being Boeing.

The company has three main product lines: air-to-surface missiles, air-to-air missiles, and surface-to-air missiles. The weapons are used by the militaries of more than 40 countries.

About MBDA 

MBDA's headquarters are in Paris, France. The company has manufacturing setups in Britain, Spain, France, and Italy. It has more than 13,000 employees. 

Unknown hackers claim that they have confidential military data accessed from MBDA after a successful data attack. 

As observed by HackRead.com, threat actors on Russian and English hacking platforms were initially selling around 80 GB of stolen data for 15 BTC (approx. $294,000).

Company admits that data breach happened 

On August 29th, however, the gang lowered the price to 1 BTC ($19,000) for 70 GB of data. On the other hand, according to the BBC, MBDA has admitted that part of its data was hacked after an external hard disk was breached.

NATO has launched an investigation into the online sale of top-secret weapon and missile data files. MBDA is collaborating with investigation authorities in Italy, as it is the place where the data attacks happened.

The investigation is focusing on one of the firm's suppliers. One should note that NATO is among MBDA's clients. A NATO representative said that they are assessing claims relating to data allegedly stolen from MBDA. 

He also said that there's no confirmation that the NATO network was compromised. The firm says that it followed all required measures to protect its networks. 

MBDA's Stand

It insists that the data compromise happened many weeks ago and the breached data is not sensitive or classified. MBDA denies the hacking group's claims that they are selling confidential military data. 

"No hacking of our secure networks has occurred. MBDA can confirm that there is no protectively marked data from MBDA involved," said MBDA.

HackRead reports, "MBDA further explained that it refused to yield to the hackers’ ransom demands, which is why they are spreading misinformation on the internet to force the company to pay the ransom. However, the company won’t give in and vowed to take all legal actions against the blackmailers."

The data was still on sale at the time this article was written.