Nuclear Missile Contractor Hacked

Uploaded on 2020-06-15 in TECHNOLOGY--Hackers, INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Hackers have stolen confidential documents from a US military contractor which provides critical support for the country's Minuteman III nuclear deterrent. The National Security Agency (NSA) has warned of Russian military hackers actively exploiting a popular email program to infiltrate computer systems within the United States. 

Spies from countries around the world are fighting a silent, dirty war to get in position in civilian infrastructure, like electricity generating civilian nuclear plants, to be able to commit sabotage during a moment of geopolitical tension.

The Russian military hacking group, Sandworm Team, operates as part of the Russian military intelligence agency (GRU).Sandworm has been in operation for more than a decade and has carried out sophisticated cyber-attacks against governments, telecommunications, and energy sectors in Ukraine, Poland, the EU and NATO. 

Cyber criminals were able to gain unauthorised access to the computer network of New Mexico company Westech International.  Westech provides critical support for the United States' Minuteman III nuclear deterrent, the intercontinental ballistic missile LGM-30G Minuteman III is a three-stage missile with a range of over 6,000 miles. 

The attack is believed to have been carried out by the threat group MAZE, which has previously claimed to have attacked Minnesota egg supplier Sparboe Companies with ransomware.  

After gaining access to Westech International's computer network, the criminals encrypted the company's machines and began to leak documents online to pressure the company to pay extortion. It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.

The files stolen from Westech in the cyber-attack have been leaked online. The files appear to contain sensitive data, including company emails, payroll, and what has been described in some reports as "personal information." 
Westech confirmed that the company had been hacked and that its computers had been encrypted. No information was shared regarding when the attack took place or how the criminals gained entry to Westech's computer system.

The access of US systems by Russian hackers is more significant, especially during the forthcoming US Presidential  elections where there have neen warning of the likely repeat of hackers allegedly influencing the outcome of the presidential election in 2016 is already emerging.   

Westech International:      Infosecurity Magazine:       Sky News:       CPO Magazine:      CSO Online

You Might Also Read: 

The Destabilizing Danger Of Cyberattacks On Missile Systems:

 

« Google Faces Lawsuit For Tracking Users In Privacy Mode
The British Army Has A New Cyberwar Regiment »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Howden Broking Group

Howden Broking Group

Howden provides a range of specialist insurance solutions to clients around the world including Cyber Liability insurance.

ThreatMark

ThreatMark

ThreatMark provides fraud detection solutions for digital banking and payments.

FirstPoint Mobile Guard

FirstPoint Mobile Guard

FirstPoint Mobile Guard has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Global Lifecycle Solutions EMEA (Global EMEA)

Global Lifecycle Solutions EMEA (Global EMEA)

Global EMEA provides full lifecycle services to corporate Clients covering procurement, configuration, support, maintenance and end-of-life asset management.

QuillAudits

QuillAudits

QuillAudits offers advanced Ethereum, EOS, TRON smart contract audit, blockchain protocol security and formal verification to ensure your platform’s integrity.

Interos

Interos

Interos is the operational resilience company — reinventing how companies manage their supply chains and business relationships — through a breakthrough AI SaaS platform.

Cyber Bytes Foundation

Cyber Bytes Foundation

Cyber Bytes Foundation exists to establish and sustain a unique Cyber Ecosystem to accelerate the development of a strong Cyber workforce and support community outreach programs.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Leo CybSec

Leo CybSec

Leo CybSec unites a group of Cyber Security experts with 20+ years of collective expertise to help our clients realise and mitigate the cyber challenges and risks facing their business.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.