Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

LockBit posts UK Defence data following third-party hack

A cyber attack on one of its third-party providers has resulted in data belonging to the UK Ministry of Defence being leaked and posted online.

user icon Daniel Croft
Wed, 06 Sep 2023
LockBit posts UK Defence data following third-party hack
expand image

An attack on fencing manufacturer Zaun saw data stolen by the infamous LockBit ransomware gang last month, which was then posted on the threat actor’s dark web leak site.

“On 5th – 6th August, Zaun was subjected to a sophisticated cyber attack on our IT network by the LockBit ransom group,” the company said in a notice.

The stolen data reportedly included information pertaining to the Faslane nuclear submarine base in Scotland, as well as barracks and other military facilities.

Zaun has said that the breach occurred through a specific device running an old operating system.

“In an otherwise up-to-date network, the breach occurred through a rogue Windows 7 PC that was running software for one of our manufacturing machines. The machine has been removed and the vulnerability closed,” it said.

The company has also stressed that while the stolen files do include the details of work it has done on “high-profile sites” such as military bases and prisons, these fences are visible to the public.

“These fencing products are generally used to separate the public from the secure asset and, as such, are on public display and in the public domain,” the company added.

“Full details of all our products are also available on our website and available for unrestricted purchase.

“As such, it is not considered that any additional advantage could be gained from any compromised data beyond that which could be ascertained by going to look at the sites from the public domain.”

Zaun said that the data stolen included “historic emails, orders, drawings and project files”, but it does not believe any classified documents have been compromised.

The company said that LockBit got its hands on around 10 gigabytes of data, making up 0.74 per cent of all its stored information. Zaun also said that its own cyber security measures ensured that its servers were not encrypted.

Zaun has not yet confirmed the nature of the attack or whether a ransom was demanded. LockBit is known for its ransomware attacks, and the post on its dark web leak site suggests that this incident was no different, having listed a deadline of 29 August 2023, not long before the files were published.

The organisation has said that it has contacted the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.