National Security News

Reporting the facts on national security

Cyber attack

Franco-British missile firm targeted by cybercriminals who demand £273k for stolen data

ByDennis Rice

Aug 26, 2022

Stolen missile data, which purports to include blueprints of weapons used by NATO allies in the Russia-Ukraine war, is being offered for sale on Russian and English hacker forums, it has emerged.

Cyber criminals Adrastea offering the date for sale on a Russian forum
Cyber criminals Adrastea offering the date for sale on a Russian forum

A cybercriminal group, using the pseudonym of Adrastea, is pricing the haul at 15 bitcoins (equivalent to £273,000) for 80GB of stolen intelligence and has allegedly been met by one unknown buyer so far.

Adrastea claimed to have found “critical vulnerabilities in the network infrastructure” of Franco-British MBDA, the world’s second largest missile maker.

Among the stolen data was details of employees working on MDBA's Enhanced Modular Air Defence Solution System (EMADS)
Among the stolen data was details of employees working on MDBA’s Enhanced Modular Air Defence Solution System (EMADS)

The classified military documents were hacked from a compromised hard drive belonging to a supplier of the firm, and allegedly relate to employees involved in projects such as EMADS (Enhanced Modular Air Defence Solutions) and MCDS (Mobile Coastal Defence System).

The European company, which has bases in the UK, France and Italy, admitted its data was among the stash, but denied that any of the classified files belong to it.

Police in Italy are investigating the data breach, and a NATO official confirmed they are following the investigation closely.

“We are assessing claims relating to data allegedly stolen from MBDA. We have no indication that any NATO network has been compromised. NATO takes all the necessary measures to keep our networks safe,” they added.

Yesterday, investigative journalists from the BBC claimed to have been offered a 50MB sample of the stolen data. Documents seen were labelled “NATO CONFIDENTIAL,” “NATO RESTRICTED” and “Unclassified Controlled Information.” In addition to the sample, the criminals supplied documents by email, including two marked “NATO SECRET”.

Nato’s classification levels are:

  • COSMIC TOP SECRET: unauthorised disclosure would cause exceptionally grave damage to NATO.
  • NATO SECRET: unauthorised disclosure would cause serious damage to NATO.
  • NATO CONFIDENTIAL: unauthorised disclosure would be damaging to NATO interests.
  • NATO RESTRICTED: unauthorised disclosure would be disadvantageous to the interests of NATO.
  • Unclassified Controlled Information is a US security label for information that is government created or owned; information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government-wide policies.

The hackers refused to say whether the material had come from more than one source. One file, seen by the BBC, detailed a “communications intelligence” flyover by a US air squadron at the end of 2020 in Estonia.

Among the stolen cache were sample files detailing the workings of the Land Ceptor/CAMM (Common Anti-Air Modular Missile) which was recently sent to Poland for use in the Ukraine conflict.

The missile group is owned by France’s Airbus and Britain’s BAE Systems, both with a 37.5% stake, and by Italy’s Leonardo, with a 25% stake. Last year it enjoyed record results.

The consortium posted 4.2bn euros ($4.54bn) in revenue last year and new orders were worth 5.12bn euros.

MBDA has some 16% of the global missile market, in terms of orders, but is the largest player in Europe, with a 43% share.

In a statement, the MBDA said: “No hacking of our secure networks has occurred. MBDA can confirm that there is no protectively marked data from MBDA involved.”

Author

  • Dennis Rice

    National Security News (NSN) welcomes the appointment of Dennis Rice, former Chief Reporter of the Daily Express and Investigations Editor of the Mail on Sunday, as its Launch Editor. He brings with him three decades of experience covering national and international news, which has also included a stint working as a producer at Channel 4 Dispatches. Commenting on his new role, Dennis said: “NSN is a digital platform which exists purely to break stories and uncover new twists and exclusives around existing ones. Whether it’s reporting on the cloak and dagger world of espionage, cyber terrorism, subversion, or intelligence we are very much looking forward to giving the existing media a run for its money.” Dennis Rice is a veteran investigative journalist who has finished as a runner up in Journalist of the Year category at the British Press Awards. He also worked as Investigations Editor of the Mail on Sunday, Chief Reporter of the Daily Express, and as a senior journalist at the Sunday Mirror and the News of the World. His Dispatches credits include working as a producer on How To Stop Your Nuisance Calls (an expose on charity fundraisers) and Murder in the Sky: Flight MH17 (reporting on the crash of the Malaysia Airlines flight MH17, shot down over the eastern Ukraine). While at the Mail on Sunday he wrote a series of articles which resulted in the resignation of BP Chief Lord Browne, and earlier David Blunkett as the then Work and Pensions Secretary. In 2011 he was paid damages at the High Court after his former employer the News of the World admitted hacking his phone.

    View all posts

Related Post

Belarus China Corruption Cyber attack European Union National Security Russia Sanctions South Africa Subversion Torture Ukraine War United Kingdom

How the world was in 2022, and how it might look in 2023: NSN’s review and predictions

Dec 30, 2022 London Correspondent
China Cyber attack National Security

US Regulators Must Help American Satellite Companies Stave Off Growing Threat From China

Dec 16, 2022 Dennis Rice
Cyber attack Russia Ukraine War

The Former Deputy Education Minister Teaching Russian Hackers a Lesson in Cyber Warfare

Dec 10, 2022 London Correspondent