NATO Secrets Found For Sale On The Dark Web

Uploaded on 2022-09-14 in INTELLIGENCE--Europe, GOVERNMENT-Defence, FREE TO VIEW

Portugal’s Armed Forces Ministry has suffered a cyber attack that allegedly allowed the theft of classified NATO documents, which are now being  sold on the Dark Web. The extent of the damage is still being investigated by the National Security Office, but suspicions are that a security breach facilitated the exfiltration of secret NATO documents from supposedly secure military computers.

According to sources, insecure channels were used to receive and forward the documents when the official Integrated System of Military Communications (SICOM) should have been used.

US intelligence agencies noticed the sale of stolen documents and alerted the US embassy in Lisbon, which in turn warned the Portuguese government about the data breach. “The exchange of information between allies in terms of information security is permanent at the bilateral and multilateral levels,” said a spokesperson for the Prime Minister.  “Whenever there is a suspicion of compromise of cyber security of information system networks, the situation is extensively analysed and all procedures aimed at enhancing cyber security awareness and the correct handling of information to deal with new types of threat are implemented...  Disciplinary and/or criminal law automatically determines the adoption of appropriate procedures."

The data leak comes after NATO claimed in late August that the bloc was investigating a hacking of missile firm MBDA by unknown malicious actors. According to media reports, the hackers had put blueprints of weapons used by Ukraine in its conflict with Russia on sale on the Dark Web. 

This incident is not the first time that Portugal was involved in a security breach related to NATO documents. In 2018, Portuguese intelligence officer Frederico Carvalhao Gil was convicted for spying for Russia after he was found selling classified NATO and EU documents to a Russian agent.

Diario de Noticias:    ITPro:    Bleeping Computer:     AA.com:    FarsNews:     Babel:       Portugal Resident

You Might Also Read: 

NATO & Ukraine Agree Deeper Cyber Co-operation:

 

« Securing Hybrid Identity
Five Cloud Security Mistakes Your Business Should Avoid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Consortium for Information & Software Quality (CISQ)

Consortium for Information & Software Quality (CISQ)

The mission of CISQ is to develop international standards for software quality and to promote the development and sustainment of secure, reliable, and trustworthy software.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

Cyberplc

Cyberplc

Cyberplc is a global cybersecurity consulting firm providing services to government, the public sector and enterprises.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.

Blind Insight

Blind Insight

Field-level searchable encryption plus fine-grained programmable access controls. All wrapped neatly in developer-friendly APIs and SDKs. Data protection perfection.

7AI

7AI

7AI is the first agentic security platform that harnesses the speed, swarming capabilities, and power of AI to finally give defenders the advantage over evolving threats.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.