Hackers Threaten To Release Classified Data About U.S. Nukes To Adversaries
By: Jim Stickley and Tina Davis
July 18, 2020
It’s a tense moment for one of the three legs of the U.S. nuclear triad after a sub-contractor for Northrop Grumman had its network encrypted in a Maze ransomware attack. Earlier this month, Westech International confirmed it was indeed the victim of the Maze attack that encrypted its data. The sub-contractor works with the Minuteman III intercontinental ballistic missile (ICBM), one leg of the nuclear triad protecting the U.S. from foreign threats. Russian-speaking hackers behind the security incident added a new twist to the ransomware attack: a threat to sell the heisted ICBM data files to hostile nations if the ransom isn’t paid.
Maze ransomware has been extorting various victims for the past year, and it’s been grabbing headlines ever since. The criminals behind the Maze attacks have figured out a way to prosper from an “either/or” ransom outcome that some call the “double whammy.” The Maze attack against Westech International gives a new twist to the ransomware, creating what the hackers hope is a win-win situation for them.
Keeping the damage from ransomware threats to a minimum is possible. Security experts, including the FBI, warn targets not to pay the ransom, the idea being that paying a ransom only encourages more ransomware attacks. Taking steps to protect against the threat is always recommended, including those listed below.
- Regularly back up data, including data stored in the cloud, and keep the backups somewhere offsite. It’s important to test the backed-up data to make sure the data restoration process works when needed.
- Strong and unique passwords are always recommended for any online account, and never, ever reuse them. Also use two-factor authentication (2FA) or multi-factor authentication (MFA) whenever possible.
- Apply software updates and security patches as soon as they are released. Doing so keeps software up to date with the latest security bug fixes.
- Beware of phishing emails as they are often the way malware enters a system. Cybersecurity education for employees is a great way to minimize email phishing risks and other data security threats.
- Have a security plan in place for ransomware and other attacks. A plan allows a quick response to cyber threats and helps minimize the damage. Remember to update it when employees and contacts change.
Westech International provides engineering and maintenance support for the ICBMs and many other U.S. military installations. Sky News reports it’s not yet known what classified data the cybercriminals have, if any, as the security event is still being investigated. However, leaked files from the crime have shown up online, indicating the hackers may have access to highly sensitive data that includes payroll and email addresses. It’s not yet clear if the hackers possess classified military information.