GOLD GALLEON Buccaneer related?
and/or (RATs), Nighthunter keylogger, Predator Pain Malware
"Rats running."
Shipbuilder, defense contractor Austal reveals data breach
Hackers demanded payment for the return of stolen information.
November 2, 2018
Austal has revealed a data breach and extortion attempt but insists the company has no intention of bowing to such demands.
On Thursday, the Perth-based shipbuilder – which holds contracts to build ships for the US Navy and Australian Navy, among others – said that its Australian business had "detected and responded to a breach of the company's data management systems by an unknown offender."
The company says that some staff email addresses and mobile phone numbers were exposed during the security incident.
Austal has not revealed how the data breach took place, but It appears that the threat actors behind the incident were successful in stealing information.
According to the firm, "certain materials" were offered back to Austal – for a price.
Austal has refused to pay up and says the firm "has not and will not respond to the extortion attempts."
"There is no evidence to date to suggest that information affecting national security nor the commercial operations of the company have been stolen: ship design drawings which may be distributed to customers and fabrication subcontractors or suppliers are neither sensitive nor classified," Austal added.
The firm's US business has not been impacted by the data breach. In October, Austal secured a $58 million contract to secure the materials required to build an expeditionary fast transport vessel for the US Navy.
The shipbuilder has informed the Australian Cyber Security Centre (ACSC) and the Australian Federal Police and says the Office of the Australian Information Commissioner will be "involved as required."
Austal has patched up the security weakness in question and is now ramping up its cybersecurity practices. Additional security measures are being put in place to prevent data breaches from occurring in the future.
The cyberattack is likely a wake-up call for the contractor which may have now realized how disruptive cyberattacks can be – in the same way that the Port of San Diego and the Port of Barcelona recently discovered.
In September, both ports fell prey to cyberattacks within the course of a week. The port of San Diego later confirmed that the attack was ransomware-related.
Several months before, researchers from Pen Test Partners warned that common maritime navigation systems were susceptible to exploit due to vulnerabilities which permitted attackers to reconfigure the GPS coordinates of ships.
https://www.zdnet.com/article/australian-shipbuilder-defense-contractor-reveals-data-breach-extortion-demands/