Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Privacy The Internet

Ransomware Scumbags Leak Boeing, Lockheed Martin, SpaceX Documents After Contractor Refuses To Pay (theregister.co.uk) 152

An anonymous reader quotes a report from The Register: Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment -- such as the specifications for an antenna in an anti-mortar defense system -- according to a Register source who alerted us to the blueprints. Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.

The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang -- which tends to demand hundreds of thousands to millions of dollars to restore encrypted files -- uploaded a selection of the documents to a website that remains online and publicly accessible. Visser is a manufacturing and design contractor in the U.S. whose clients are said to include aerospace, automotive, and industrial manufacturing outfits -- think Lockheed Martin, SpaceX, Tesla, Boeing, Honeywell, Blue Origin, Sikorsky, Joe Gibbs Racing, the University of Colorado, the Cardiff School of Engineering, and others. The leaked files relate to these customers, in particular Tesla, Lockheed Martin, Boeing, and SpaceX.

This discussion has been archived. No new comments can be posted.

Ransomware Scumbags Leak Boeing, Lockheed Martin, SpaceX Documents After Contractor Refuses To Pay

Comments Filter:
  • by guruevi ( 827432 ) on Monday April 13, 2020 @05:34PM (#59942600)

    This is as much to do with bad security protocols as it is with the criminals doing bad things. This could've been any other state actor and they would have a persistent node into the Lockheed and Boeing networks.

    The problem is that managers are refusing to provide proper equipment for these people and then want the government to investigate or bailout whenever something bad happens.

    There is no reason for ransomware to happen anymore, it is purely bad security and bad actors on the corporate side to let this happen.

    • If you know anything about IT, then you know that IT does not generate revenue, and it is the first department in any company to receive cost cutting, and it is the last to get a budget increase. What you proposed is very likely untrue, or only true in the sense that the IT department at this contractor is underpaid, understaffed, and overworked. I'll bet anything their client:tech ratio is 10,000 clients per IT specialist. You get what you pay for. If it is anyone's equal share of blame then it is the cont
    • by Fringe ( 6096 )

      A girl gets drunk in a bar... Unfortunate, but not unpredictable, events unfold.

      you just blamed the victim.

    • This is one of those problems you insure against, because there is no perfect prevention. You can only lock down so much before it gets in the way of people being able to do their jobs.

      • Jack stands get in the way of working under vehicles, literally. But you still mandate that your employees use them because otherwise they get squished sometimes.

        You find a way to work around the problems, you don't just not use safety equipment.

    • Yes, sometimes part of the blame is the lack of security, but then again, a lot of times leaks are used that are still not known and patched, so no real security is possible to counteract these. let's not forget, the hacking community knows much more leaks than are made public. Not all of these ransomware crap are spread by malicious mailattachments which are opened by the unaware users.
    • by AmiMoJo ( 196126 )

      We should be operating under the assumption that state actors have access to all this stuff and more. Since Snowden was able to exfiltrate so much data relatively easily it is reasonable to assume that even the most supposedly secure organizations and systems are in fact compromised by at the very least other states, if not criminals too.

    • Well, nothing was stolen - not withstanding blackmail is a crime. Embarrassing, sure. Ok, learn from that and choose better subcontractors, rather than lowest bid. Good security, with redundancy, with recovery costs. The good thing is these shitheads know they will not get the money, and will move on to dumber targets. Frustration so they published. So what - if they had anything - it would be emails discussing security compromises based on cost - no Deepwater-Horizon stuff so the incompetent keep their job
      • by cusco ( 717999 )

        This is just a sample of what they got, anything actually valuable is going to be on the market.

    • Yes, blame the victim. If you get robbed, remember it is your fault.
    • There are a few sides to this coin. One company that I'm familiar with, which actually never released a product, had evaluated their tech stack from the top down and from the bottom up.

      Top down: Engineers want Solidworks. In our country, everyone learns on Solidworks and training is difficult when the company is not using Solidworks. Solidworks requires Windows.

      Bottom up: Linux can be properly secured while enabling the level of file sharing necessary between engineers' computer, barring a directed attack a

  • Scumbags? You're being too nice
  • Sob, Sob... (Score:2, Insightful)

    by SirAstral ( 1349985 )

    Wait... why should we be crying for either side here?

    One one side we have plain run of the mill criminals that hack into machines for personal gain.

    On the other we have plain run of the mill criminal that hack into politicians for personal gain.

    Just because one side used a computer to gain an unfair advantage while the other side used a coffer really makes no difference to me. Bitches picking on bitches is the total summary of this story.

    Don't even get me started about "security" in IT. It's shit, has bee

    • Sure, sure, sure. Never mind that military secrets have just been put on the public Internet for every enemy of the United States to grab. What could possibly go wrong? 'Blame' pales in comparison to the damage that could potentially cause.
      Oh and by the way, need I point out that those are just the classified documents that we know about? Assuming for a moment that these 'ransomware' assholes are actually state-sponsored by a country hostile to the U.S., who knows what other classified documents they now h
      • "Never mind that military secrets have just been put on the public Internet for every enemy of the United States to grab."

        Just been put? You mean been put "again" on the public internet for every enemy of the US to grab?

        If the USA did not put them on the internet the first time these guys would not have likely been able to put more copies on the internet.

        Sure, folks need to go to jail.... but not just the hackers... how about the jokers telling people how to secure their systems? Put them in jail for a ch

  • Comment removed based on user account deletion
    • That's some of the most short-sighted crap I've read lately.
      • Comment removed based on user account deletion
  • by AlanObject ( 3603453 ) on Monday April 13, 2020 @06:11PM (#59942760)

    Setting aside the issue as to whether the contractor is to blame, this really is infuriating.

    I have to wonder how long it will be -- assuming it already hasn't happened -- before they irritate someone who is willing to commit sufficient capital to execute extra-judicial revenge. I am sure the bad guys are pretty well versed at keeping themselves hidden but there is no perfect system that can't be cracked by a sufficiently motivated, funded, and expert adversary.

    A few cases of heads on pikes outside that little township in Russia that nobody ever heard of before now and I bet the ransomware activity would drop precipitously.

    • by gweihir ( 88907 )

      I expect that will not happen. Because if you do that, you will also have to look at how these people got hold of the material they stole in the first place. There is really no explanation besides incompetence, greed and stupidity. And then heads that are already known will need to roll.

    • by hawk ( 1151 )

      >is willing to commit sufficient capital to execute extra-judicial revenge.

      In this case, maybe not so much capital, as CIA . . .

      When you publish military secrets, you move off of the "criminal" list and on to a list that gets a *much* different type of attention . . .

      hawk

  • by JBMcB ( 73720 ) on Monday April 13, 2020 @08:08PM (#59943238)

    This ransomware team just got a promotion from a few part-time FBI agents to the Air Force's cyber unit, along with, probably the NSA and the rest of the Five Eyes. Probably not the best move.

  • This is why you should also make your sub-contractors be compliant as well, especially when they are dealing with this type of information. "Supply chain risk management", NIST 800-161. Ironically, Lockheed Martin published this guide [lockheedmartin.com]; maybe they should have sent a copy over to Visser Precision's network security and compliance people. The "security chain" is only as strong as it's weakest link...
  • by gweihir ( 88907 ) on Monday April 13, 2020 @09:36PM (#59943522)

    Because, you know, "scumbags" do not get in if you things right. Seems to me all these secrets were not worth a lot because they were protected cheaply or not at all.

    • There are a few people in this discussion who keep making claims like that. Where have you found perfect IT security technology and the human beings who never make mistakes to administer it? Asking for a friend.

      • by gweihir ( 88907 )

        Well, fist you should fix your understanding of what security actually tries to achieve. Anybody asking for "perfect" is automatically marking themselves as not competent. To keep people like these attackers out, reasonable regular security is usually quite enough. As these were military secrets, elevated security would be required. You know, like basically any bank nicely manages because they have no choice due to regulation.

        Hence, very simply for you: These people screwed up because they did not implement

        • I don't know what you think "reasonably regular" security looks like, but I've had first-hand visibility of the kinds of IT security strategies used in a lot of organisations that you'd think would use more than just "regular" levels of protection. The ones where data exfiltration would only be realistic with a willing accomplice on the inside were the exception rather than the rule. Even organisations dealing with classified material or with regulatory compliance obligations have finite budgets and staff,

    • The leak was actually at a supplier level rather than at the prime contractor level. It's going to be a struggle going forward on how to secure the IT across the supply chain: I'm sure Boeing, Lockheed Martin, and SpaceX have substantial network security, but the small mom and pop machine shop they may contract fabrication to may not, and that's apparently how these guys got those documents, from that smaller supplier and not directly from those larger entities' networks.
  • If it's just a computer gang looking to make some easy money........that's all she wrote for them. By the end of the summer, every person involved will be living in a small cell with bars, or possibly as a hunter-gatherer in some cave in Pakistan or Afganistan. Those sorts of outfits are small players, and they can only tangle with the small fry. Step into the ring with the heavyweights, you gotta be able to hold your own or get crushed. And that's a VERY long list of heavyweights that they just pissed of
    • What is to prevent them from getting state level support post factum? If they reside in Russia, China or other such state they would be somewhat protected by default (default policy for criminal help from US is "get lost"). Now that they have proven they can get some interesting data they can easily extend this to active protection.

Technology is dominated by those who manage what they do not understand.

Working...