British mesh fencing systems maker Zaun has disclosed a LockBit ransomware attack that potentially led to the compromise of data related to UK military and intelligence sites.
Headquartered in Wolverhampton, Zaun specializes in high-security perimeter fencing products used by prisons, military bases, and utilities.
In a data breach notice posted on September 1, Zaun announced that the cyberattack occurred in early August, that it was able to thwart it before data was encrypted, and that its services were not interrupted by the incident.
According to the company, although file-encrypting ransomware was not executed on its systems, the LockBit ransomware group did manage to exfiltrate data from the network.
“At the time of the attack, we believed that our cyber-security software had thwarted any transfer of data. However, we can now confirm that during the attack LockBit managed to download some data,” the company says.
Zaun notes that all its fencing products are typically used to “separate the public from the secure asset”, meaning that they are on public display and that the attackers would gain no advantage from the compromised data.
“LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised. We are in contact with relevant agencies and will keep these updated as more information becomes available,” the company says.
However, Zaun also acknowledges that the ransomware group has since made the stolen data public on the internet. Some of the information appears related to UK military, intelligence, and research bases.
As part of the cyberattack, the LockBit gang first compromised a Windows 7 computer running software for a manufacturing machine, and likely only exfiltrated data from that system, Zaun says.
Active since at least 2020 and operating under the Ransomware-as-a-Service (RaaS) model, LockBit was responsible for roughly one-fifth of the ransomware attacks observed in Australia, Canada, New Zealand, and the US last year, and is believed to have received more than $91 million in ransom payments.
“LockBit has already been responsible for some of this year’s biggest cyberattacks as well as the exploitation of the MOVEit vulnerability. The significance of this attack is that by undermining IT security, it is also possible to undermine the physical security of its customers,” WithSecure cybersecurity advisory Paul Brucciani said in an emailed comment.
Related: Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks
Related: US Government Warns Organizations of LockBit 3.0 Ransomware Attacks
Related: LockBit Ransomware Group Developing Malware to Encrypt Files on macOS
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
