LockBit Hacked British Military Data 

More details are emerging of the recent supply chain attack on the British Ministry of Defence (MoD) in whch a norious Russian hacking group known as LockBit have successfully hacked and accessed gigabytes of sensitive data related to British military and intelligence sites. 

The hackers reportedly targeted Zaun, a manufacturer provider of metal fences for military applications at maximum security sites.

According to the company, LockBit breached a heavily outdtated Windows 7 computer that was running software for one of its manufacturing machines. “In an otherwise up-to-date network, the breach occurred through a rogue Windows 7 PC that was running software for one of our manufacturing machines. Our own cyber security prevented the server from being encrypted. The machine has been removed and the vulnerability closed. We have been able to continue work as normal with no interruptions to service,” the company said in a statement.

Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009 and  Windows 7 support ended on January 14, 2020

"We can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data."

The Wolverhampton-based Zaun, said it believed that no classified information was downloaded, however reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.

The LockBit Ransom group conducted the attack on the company's network and exfiltrated 10GB of data. The company has admittedd that the attack might have reached its server beyond the Windows 7 entry point. “Zaun was subjected to a sophisticated cyberattack on our IT network by the LockBit ransom group," read Zaun’s company statement on its website. "Our own cyber security prevented the server from being encrypted. We have been able to continue work as normal with no interruptions to service."

The  obsolete Windows 7 PC that was running software for one of the firm's manufacturing machines has been removed and the vulnerability closed, according to Zaun.

Members of the British Parliament warned that any sensitive security information could be transferred to UK enemies, creating a “huge concern” for the country. A source from the defense industry said the issue is now being taken “very seriously,” but assured that there is no indication that the stolen data presents a real threat to national security.

Zaun:     Microsft:    The Register:   The Defense Post:      CSO Online:   Infosecurity Magazine

Image: Public Domain

You Might Also Read: 

Legacy Technology is Undermining How Business Responds To Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« How To Check If A Link Is Safe
Establishing A Digital Immune System »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

Cybellum

Cybellum

Cybellum brings the entire product security workflow into one dedicated platform, allowing device manufacturers to keep the connected products they build cyber-secure and cyber-compliant.

OmniNet

OmniNet

OmniNet delivers the next generation of cybersecurity and is the only provider in the market to move the edge of small businesses to a virtual, omnipresent perimeter.

Radiflow

Radiflow

Radiflow is a leading provider of cyber security solutions for critical infrastructure networks (i.e. SCADA), such as power utilities, oil & gas, water and others.

Cyber Defense Labs

Cyber Defense Labs

Cyber Defense Labs helps companies identify, mitigate and reduce risk as a trusted, reliable partner for cyber risk management.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Xiarch Solutions

Xiarch Solutions

Xiarch Security is an global security firm that educates clients, identifies security risks, informs intelligent business decisions, and enables you to reduce your attack surface.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

Rimini Street

Rimini Street

Rimini Street is a global provider of enterprise software support products and services, and the leading third-party support provider for Oracle and SAP software products.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.

Cyderes

Cyderes

Cyderes (Cyber Defense and Response) is a global, pure-play, full life-cycle cyber security services provider formed from the merger of Herjavec Group and Fishtech Group in 2022.