I thought I posted something on this already, but apparently I didn’t, so if you hadn’t heard already, an Australian shipbuilder who also has contracts with the U.S. Navy was hacked and the hacker made extortion demands that the firm has refused.
Jeremy Kirk reports:
Australia’s largest defense exporter says it hasn’t responded to an extortion attempt after ship design schematics were stolen by a hacker.
Austal, which is based in Henderson, Western Australia, is one of the country’s largest shipbuilders; it has built vessels for the U.S. Navy.
The company, which is listed on Australia’s ASX stock exchange, announced the breach late Thursday. The announcement came just a day after a security researcher in France posted screenshots on Twitter of the purported stolen data.
Austal says the material is neither sensitive nor classified and that it has taken steps to secure its data systems.
Read more on GovInfoSecurity.
Here is some of what appeared on Twitter a few days ago:
someone is selling @austal cad files on a black hat board ? pic.twitter.com/ToVC9w7S4m
— Xylitol (@Xylit0l) October 31, 2018
i contacted him, he sent me 4 random samples, timestamp from 2017 to 2006 pic.twitter.com/euIeNn153v
— Xylitol (@Xylit0l) October 31, 2018
Is TheDarkOverlord Behind This?
Because of the nature of the crime – a hack and extortion attempt – some people have wondered whether this might be the work of TheDarkOverlord. The question is understandable, particularly since I reported almost exactly one year ago that TDO had attacked U.S. Navy defense contractors, including ATS, whose METBENCH software was used on warships. Now another firm that does defense work for the U.S. Navy was attacked? It’s understandable that people would wonder, except if you look at the listings posted on Twitter, those listings are not consistent with TDO’s sales listings, although the April, 2016 join date is intriguing. But selling such important material for 1 BTC? Would TDO sell for so little? It’s unlikely, but it would be a good way to put pressure on Austal – offer the data so cheaply that lots of people might buy it.
When asked directly whether they were behind the attack and extortion, a TDO spokesperson declined to confirm or deny. But they were willing to make a statement about attacking defense contractors, telling DataBreaches.net in an e-mailed statement:
U.S. Defence contractors are easy pickings and they always house very juicy materials that competing nation-states are very interested in. At some times they can be a tough nut to crack, but given enough time, we always crack the nut. Naval contractors are among the most important contractors to breach as surface and sub-surface warfare vessels allow nation-states to extend their attack capabilities in a very mobile and speedy way.