Russia-linked attackers hit UK Ministry of Defence, leak stolen data


Russian-aligned threat actors have reportedly hit the UK’s Ministry of Defence (MoD) and leaked stolen information on military and intelligence sites online. Hackers targeted the database of Zaun, a firm which handles physical security for some of Britain’s most secretive locations including a nuclear submarine base, a chemical weapon lab, and a GCHQ listening post, according to The Mirror. They released thousands of pages of data which could include highly sensitive national security details, with information about high-security prisons also stolen in the raid by notorious ransomware group LockBit, the news report said.

Attack could be “very damaging” to security of UK’s most sensitive sites

“On 5th – 6th August, Zaun was subjected to a sophisticated cyberattack on our IT network by the LockBit ransom group,” read a statement on the company’s website. “Our own cybersecurity prevented the server from being encrypted. We have been able to continue work as normal with no interruptions to service.”

The breach occurred through a rogue Windows 7 PC that was running software for one of the firm’s manufacturing machines. “The machine has been removed and the vulnerability closed,” it added. “We can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data.”

LockBit will have potentially gained access to some historic emails, orders, drawings, and project files, the statement continued, although Zaun “does believe that any classified documents were stored on the system” or have been compromised. The UK National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) have been contacted with regards to the attack and data leak.

Read more…