Attackers accessed UK military data through high-security fencing firm's Windows 7 rig
The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC.
While the supplier, Wolverhampton-based Zaun, said it believed that no classified information was downloaded, reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.
The LockBit Ransom group conducted the attack on the company's network, and Zaun admitted the group may have exfiltrated 10GB of data. The company also confessed that the attack might have reached its server beyond the Windows 7 entry point.
"We do not believe that any classified documents were stored on the system or have been compromised," the company said, which will be tremendously reassuring to agencies that use the company's services. Zaun also said it had notified the National Cyber Security Centre (NCSC) as well as the UK's Information Commissioner's Office (ICO) regarding the breach.
In a statement, Zaun said: "We are aware of an attack upon our servers by the Lockbit [sic] Ransom group at the beginning of August. Our cyber-security systems closed the attack before they could encrypt any files on the server. However, it has become apparent that LockBit was able to download some data from our system, which has now been published on the Dark Web."
Zaun specializes in high-security perimeter fencing. It isn't a government-approved security contractor, although is approved for government use via the Centre for the Protection of National Infrastructure (CPNI). The fact it has fallen victim to a cyberattack and had data downloaded is a reminder for enterprises and organizations to be vigilant regarding every link in the supply chain.
https://www.theregister.com/2023/09/04/zaun_breach_windows_7/