Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Secret Data Leak Hits French Submarine Maker: Report

French Submarine Maker DCNS Suffers Massive Data Leak

French defense contractor DCNS has been hit by a massive leak of secret data on its submarines likely to alarm India, Malaysia and Chile which use the boats, The Australian newspaper reported on Wednesday.

French Submarine Maker DCNS Suffers Massive Data Leak

French defense contractor DCNS has been hit by a massive leak of secret data on its submarines likely to alarm India, Malaysia and Chile which use the boats, The Australian newspaper reported on Wednesday.

The 22,400 leaked pages, which the daily said it had seen, detail the combat capability of the Scorpene-class DCNS submarine designed for the Indian navy, variants of which are used by Malaysia and Chile. Brazil is also due to deploy the vessels from 2018.

Australia in April awarded DCNS an Aus$50 billion (US$38 billion) contract to design and build its next generation of submarines.

Prime Minister Malcolm Turnbull sought to play down the impact of the leak, saying in Canberra that while it was “of concern”, the Scorpene was a different model to the subs Australia is buying.

“The submarine we are building or will be building with the French is called the Barracuda, quite, completely different submarine to the Scorpene they are building for India,” he told Channel Seven.

“We have the highest security protections on all of our defense information, whether it is in partnership with other countries or entirely within Australia.”

The leaked documents were marked “Restricted Scorpene India” and gave the combat capabilities of India’s new submarine fleet, The Australian said.

They also included thousands of pages on the submarine sensors and thousands more on its communication and navigation systems as well as nearly 500 pages on the torpedo launch system alone.

Advertisement. Scroll to continue reading.

Indian Defense Minister Manohar Parrikar ordered a probe into the newspaper report, saying the documents could have been obtained through hacking.

“I have asked the navy chief to investigate the matter and find what has been leaked and how much of it is about us,” Parrikar told reporters in India.

“What I understand is there is a hacking,” he said without giving details.

DCNS told AFP it was aware of the articles published in the Australian press and “national security authorities” had launched an inquiry into the matter, without giving details.

“This inquiry will determine the precise nature of the documents which have been leaked, the potential damage to our customers as well as those responsible.”

The Australian said DCNS implied that the leak may have come from India rather than France.

The daily, however, said the data was thought to have been removed from France in 2011 by a former French naval officer who at the time was a subcontractor for DCNS.

The data is believed to have passed through firms in Southeast Asia before eventually being mailed to a company in Australia, the newspaper said.

Australian Defense Industry Minister Christopher Pyne said in a statement the leak “has no bearing on the Australian government’s future submarine program”.

Pyne said the program “operates under stringent security requirements that govern the manner in which all information and technical data is managed now and into the future”.

Australia awarded its submarine contract to DCNS but the secret combat system for the 12 Shortfin Barracudas is being supplied by the United States.

The submarines are a scaled-down conventionally powered version of France’s 4,700-tonne Barracuda.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.