Cyber extortionists have stolen sensitive information from a company that supports the US Minuteman III nuclear deterrent, according to Sky News. After gaining access to Westech International’s computer network, the criminals encrypted the company’s machines and began to leak documents online to pressure the company to pay extortion. It is unclear if the documents stolen by the criminals include military classified information, but already-leaked files suggest the hackers had access to extremely sensitive data, including payroll and emails. The company is involved with the nuclear deterrent as a sub-contractor for Northrup Grumman, providing engineering and maintenance support for the Minuteman III intercontinental ballistic missiles.
Ransomware coupled with the trickling leak of compromised data is slowly becoming the new weapon of choice for cyber attackers. The leakage of confidential data acts as a form of leverage, upping the pressure on victims to pay the ransom. This way, even if the data was backed up and the organisations can be back to business as usual in a few hours, they will continue to have problems with the release of private information. This data would have been encrypted whilst on the network, but it may have been leaked along with the key to unlock it.
Extremely sensitive data comes with a high price tag, but the fines for the loss of data can be equally extortionate. It never bodes well for any victim to pay the demands of a hacker, as once payment has been sent there is never any guarantee that the hackers won’t increase the original ransom or even release the data regardless. Once faced with this extremely frustrating dilemma, it is then a case of working towards the least worst outcome and weighing up possible options.
If there can be anything positive that could come from this, it would be other organisations learn from it and the plethora of increasingly common cyberattacks. Safe simulations that recreate such attacks can help future attacks, as they highlight weaknesses that could be attacked.