NATO Secrets Found For Sale On The Dark Web

Uploaded on 2022-09-14 in INTELLIGENCE--Europe, GOVERNMENT-Defence, FREE TO VIEW

Portugal’s Armed Forces Ministry has suffered a cyber attack that allegedly allowed the theft of classified NATO documents, which are now being  sold on the Dark Web. The extent of the damage is still being investigated by the National Security Office, but suspicions are that a security breach facilitated the exfiltration of secret NATO documents from supposedly secure military computers.

According to sources, insecure channels were used to receive and forward the documents when the official Integrated System of Military Communications (SICOM) should have been used.

US intelligence agencies noticed the sale of stolen documents and alerted the US embassy in Lisbon, which in turn warned the Portuguese government about the data breach. “The exchange of information between allies in terms of information security is permanent at the bilateral and multilateral levels,” said a spokesperson for the Prime Minister.  “Whenever there is a suspicion of compromise of cyber security of information system networks, the situation is extensively analysed and all procedures aimed at enhancing cyber security awareness and the correct handling of information to deal with new types of threat are implemented...  Disciplinary and/or criminal law automatically determines the adoption of appropriate procedures."

The data leak comes after NATO claimed in late August that the bloc was investigating a hacking of missile firm MBDA by unknown malicious actors. According to media reports, the hackers had put blueprints of weapons used by Ukraine in its conflict with Russia on sale on the Dark Web. 

This incident is not the first time that Portugal was involved in a security breach related to NATO documents. In 2018, Portuguese intelligence officer Frederico Carvalhao Gil was convicted for spying for Russia after he was found selling classified NATO and EU documents to a Russian agent.

Diario de Noticias:    ITPro:    Bleeping Computer:     AA.com:    FarsNews:     Babel:       Portugal Resident

You Might Also Read: 

NATO & Ukraine Agree Deeper Cyber Co-operation:

 

« Securing Hybrid Identity
Five Cloud Security Mistakes Your Business Should Avoid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Comcast Business

Comcast Business

Comcast Business keeps businesses ready for what’s next with powerful connectivity, advanced cybersecurity solutions, and the right people at your side.

Oxford Internet Institute - University of Oxford

Oxford Internet Institute - University of Oxford

The Oxford Internet Institute is a multidisciplinary research and teaching department of the University of Oxford, dedicated to the social science of the Internet.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

Unified Solutions

Unified Solutions

Unified Solutions provide a full continuum of cyber security services, compliance, and technology solutions.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Cyro Cyber

Cyro Cyber

Cyro Cyber is a collective of some of the UK’s most experienced and savvy cybersecurity, information assurance, data protection, IT governance and compliance experts.