The ransomware group has stolen thousands of Ministry of Defence papers and uploaded them to the dark web, following a data breach affecting fencing manufacturer
Fencing manufacturer Zaun has reported that a “sophisticated cyber-attack” affected the company early last month. The incident occurred through a “rogue Windows 7 PC” no longer in operation.
The company said in a statement that it believed the incident did not compromise any classified documents. However, The Daily Mirror has reported that information in the stolen documents could help the group access sites, including the Faslane nuclear submarine base in Scotland, several high-security prisons, and other national security details. Other government areas may have been affected by the security breach.
The firm contacted the National Cyber Security Centre for advice and committed to keeping “relevant agencies” updated on any findings from the ongoing investigation.
LockBit is a Russian-linked criminal group known to be one of the world’s most dangerous. This is not the first the ransomware group has carried out on UK companies. Earlier this year, it demanded an £80m ransom after hacking into the Royal Mail’s software, blocking international shipments, and last summer, it attacked the NHS, forcing doctors to keep patient records offline. Mikhail Pavlovich, who is on the FBI’s most wanted list, is believed to have led the group’s cyber-attack.
A spokesperson for Zuan said: “LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised. We are in contact with relevant agencies and will keep these updated as more information becomes available. This is an ongoing investigation and as such subject to further updates.”
The breach has evolved into a debate amongst the UK Government on the storage of data and the lack of security measures.
Reacting to the incident, Kevan Jones member of the Commons Defence Select Committee, said: “This is potentially very damaging to the security of some of our most sensitive sites.
“The government needs to explain why this firm’s computer systems were so vulnerable. Any information which gives security arrangements to potential enemies is of huge concern.”
Tobias Ellwood, chair of the defence committee, also addressed the matter and asked: “How does this affect the ability of our defence establishments to continue functioning without the threat of attack? How do we better defend ourselves from Russian-backed interference, no doubt related to our stance in supporting Ukraine?
“This is another example of how conflict is no longer limited to the traditional battlefield; it now includes the digital domain and is placing ever greater demands on security apparatus.”
