Nuclear Missile Contractor Hacked

Uploaded on 2020-06-15 in TECHNOLOGY--Hackers, INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Hackers have stolen confidential documents from a US military contractor which provides critical support for the country's Minuteman III nuclear deterrent. The National Security Agency (NSA) has warned of Russian military hackers actively exploiting a popular email program to infiltrate computer systems within the United States. 

Spies from countries around the world are fighting a silent, dirty war to get in position in civilian infrastructure, like electricity generating civilian nuclear plants, to be able to commit sabotage during a moment of geopolitical tension.

The Russian military hacking group, Sandworm Team, operates as part of the Russian military intelligence agency (GRU).Sandworm has been in operation for more than a decade and has carried out sophisticated cyber-attacks against governments, telecommunications, and energy sectors in Ukraine, Poland, the EU and NATO. 

Cyber criminals were able to gain unauthorised access to the computer network of New Mexico company Westech International.  Westech provides critical support for the United States' Minuteman III nuclear deterrent, the intercontinental ballistic missile LGM-30G Minuteman III is a three-stage missile with a range of over 6,000 miles. 

The attack is believed to have been carried out by the threat group MAZE, which has previously claimed to have attacked Minnesota egg supplier Sparboe Companies with ransomware.  

After gaining access to Westech International's computer network, the criminals encrypted the company's machines and began to leak documents online to pressure the company to pay extortion. It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.

The files stolen from Westech in the cyber-attack have been leaked online. The files appear to contain sensitive data, including company emails, payroll, and what has been described in some reports as "personal information." 
Westech confirmed that the company had been hacked and that its computers had been encrypted. No information was shared regarding when the attack took place or how the criminals gained entry to Westech's computer system.

The access of US systems by Russian hackers is more significant, especially during the forthcoming US Presidential  elections where there have neen warning of the likely repeat of hackers allegedly influencing the outcome of the presidential election in 2016 is already emerging.   

Westech International:      Infosecurity Magazine:       Sky News:       CPO Magazine:      CSO Online

You Might Also Read: 

The Destabilizing Danger Of Cyberattacks On Missile Systems:

 

« Google Faces Lawsuit For Tracking Users In Privacy Mode
The British Army Has A New Cyberwar Regiment »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

PubNub

PubNub

PubNub enables developers to build secure realtime Mobile, Web, and IoT Apps.

Critical Infrastructures for Information and Cybersecurity (ICIC)

Critical Infrastructures for Information and Cybersecurity (ICIC)

ICIC addresses the demand for cybersecurity for National Public Sector organizations and civil and private sector organizations in Argentina.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

National Intelligence Service (NIS) - South Korea

National Intelligence Service (NIS) - South Korea

The NIS oversees policy on cyber security in South Korea by formulating and coordinating the execution of such policy and devising necessary schemes and guidelines.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Visual Guard

Visual Guard

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Slovak National Accreditation Service (SNAS)

Slovak National Accreditation Service (SNAS)

SNAS is the national accreditation body for Slovakia. The directory of members provides details of organisations offering certification services for ISO 27001.

Dcode

Dcode

Dcode connects the tech industry and government to drive commercial innovation in the federal market.

TierPoint

TierPoint

TierPoint delivers secure, reliable, and connected infrastructure solutions at the internet’s edge. We meet you where you are in your journey to solve for data storage, compute, and recovery.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Global Resilience Federation (GRF)

Global Resilience Federation (GRF)

GRF builds, develops and connects security information sharing communities for mutual defense.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

Hudson Rock

Hudson Rock

Hudson Rock’s products — Cavalier & Bayonet — are powered by our cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.