A Russian hacking group has claimed it infiltrated a technology company responsible for handling “classified and top secret” documents for US intelligence agencies.
BlackCat, also known as ALPHV, threatens to sell or publish more than two dozen documents related to the Defense Counterintelligence and Security Agency, which conducts background investigations and insider threat analysis, if technology company Technica does not “Get back to us soon.”
Technica is a veterinarian-owned company that works to “support the federal government and its mission to support, defend, and protect American citizens,” according to its website.
By infiltrating their site, ALPHV claims, it recovered 300 gigabytes of data, including documents with DoD employee names, Social Security numbers, clearance levels, roles and workplaces.
The screenshots also include billing invoices, contracts for the FBI and the US Air Force, as well as information related to private companies that have contracted with the US government.
The motive for the attack is still unclear and it is unknown if the group is linked to the Kremlin.
The Post also contacted Technica for comment.
Meanwhile, a Defense Department spokesperson said the agency “is aware of the allegations in this incident and is coordinating with law enforcement and security officials to address concerns.
“We will not comment on the security posture of any licensed facility or any specific security incident,” the spokesperson said in a statement to The Post.
But cybersecurity experts warn that the federal government should take the threat seriously.
“Even if these are not classified documents per se, there is a lot of sensitive data that can be obtained even from confidential or sensitive documents,” Allan Liska, ransomware researcher at Recorded Future, told Cyberscoop.
Brett Callow, threat analyst at cybersecurity firm Emsisoft, also said: “Incidents like this should not be considered in isolation.
“The extracted data can be combined with information obtained in other attacks and from other sources, so leaks may be more significant than they appear,” he explained to the Daily Dot.
To make things more dangerous, Liska said, the information “could be used by state actors as targets.”
The ALPHV attack came as FBI Director Chris Wray warned lawmakers Wednesday that Chinese hackers could “wreak havoc” on critical US infrastructure.
“Chinese hackers are positioning themselves on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities if China decides the time has come to strike,” Wray told the House Select Committee on the Chinese Communist Party.
“To quantify what we’re dealing with, the People’s Republic of China has a hacking program larger than all major nations combined,” the FBI director said.
“In fact, if you took every single FBI cyber agent and intelligence analyst and focused them exclusively on the China threat, hackers from China would still outnumber FBI cyber personnel by at least 50 to 1.”
He went on to describe the PRC’s hacking efforts as part of the communist country’s “multifaceted attack on our national and economic security,” which he called “the defining threat of our generation.”
Source: vtt.edu.vn