LockBit Hacked British Military Data 

More details are emerging of the recent supply chain attack on the British Ministry of Defence (MoD) in whch a norious Russian hacking group known as LockBit have successfully hacked and accessed gigabytes of sensitive data related to British military and intelligence sites. 

The hackers reportedly targeted Zaun, a manufacturer provider of metal fences for military applications at maximum security sites.

According to the company, LockBit breached a heavily outdtated Windows 7 computer that was running software for one of its manufacturing machines. “In an otherwise up-to-date network, the breach occurred through a rogue Windows 7 PC that was running software for one of our manufacturing machines. Our own cyber security prevented the server from being encrypted. The machine has been removed and the vulnerability closed. We have been able to continue work as normal with no interruptions to service,” the company said in a statement.

Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009 and  Windows 7 support ended on January 14, 2020

"We can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data."

The Wolverhampton-based Zaun, said it believed that no classified information was downloaded, however reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.

The LockBit Ransom group conducted the attack on the company's network and exfiltrated 10GB of data. The company has admittedd that the attack might have reached its server beyond the Windows 7 entry point. “Zaun was subjected to a sophisticated cyberattack on our IT network by the LockBit ransom group," read Zaun’s company statement on its website. "Our own cyber security prevented the server from being encrypted. We have been able to continue work as normal with no interruptions to service."

The  obsolete Windows 7 PC that was running software for one of the firm's manufacturing machines has been removed and the vulnerability closed, according to Zaun.

Members of the British Parliament warned that any sensitive security information could be transferred to UK enemies, creating a “huge concern” for the country. A source from the defense industry said the issue is now being taken “very seriously,” but assured that there is no indication that the stolen data presents a real threat to national security.

Zaun:     Microsft:    The Register:   The Defense Post:      CSO Online:   Infosecurity Magazine

Image: Public Domain

You Might Also Read: 

Legacy Technology is Undermining How Business Responds To Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« How To Check If A Link Is Safe
Establishing A Digital Immune System »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Academic Centres of Excellence in Cyber Security Research

Academic Centres of Excellence in Cyber Security Research

The ACE-CSRs scheme is part of the UK Government’s National Cyber Security Strategy, working with academia and industry to make the UK more resilient to cyber attacks.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

Cyberwrite

Cyberwrite

Cyberwrite was founded to provide underwriters around the world a unique and innovative Cyber Underwriting platform.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

O'Reilly Media

O'Reilly Media

O’Reilly’s help professionals learn best practices and discover emerging trends that will shape the future of the tech industry.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.

OneCollab

OneCollab

OneCollab, your unwavering ally in the dynamic landscape of IT services and cybersecurity.

CyberMontana

CyberMontana

CyberMontana is a statewide initiative providing cybersecurity awareness, training, and workforce development for businesses and residents of Montana.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.

Realm.Security

Realm.Security

Realm.Security is pioneering the creation of an easy-to-implement, simple-to-use security fabric solution that is purpose-built for cybersecurity.