Most recently, BlackCat fought with the FBI with ALPHV - now the APT group has landed a new hack: The US company Ultra I&C, which supplies Switzerland, NATO and many other countries with military equipment and cybersecurity, is said to have lost 30 GB of data have them available for download on the dark web.
There is currently no official statement from Ultra I&C (Ultra Intelligence & Communications) on the hack by the Russian APT group BlackCat with the ransomware ALPHV, but other bodies, such as the Swiss Army, have. The Federal Department of Defense, Civil Protection and Sport – DDBS for short – confirmed the hacker attack to the SRF. The VBS comment reads: “Armasuisse and the Defense Group were informed of the ransomware attack by the company Ultra Intelligence & Communications.” According to current knowledge, operational systems of the Swiss Army are not affected.
30 GB of data from Ultra I&C probably on the darknet
On the BlackCat / ALPHV group's leak page you can see an entry with lots of data and screens. The SRF has probably viewed some of the data and reports on a contract found between the VBS and the US company Ultra I&C for almost five million dollars. According to the leaked documents, the Swiss DDPS purchased technology for the Air Force's encrypted communications.
BlackCat-ALPHV writes on its site: “Our team penetrated Ultra I&C's network and stole approximately 30 GB of sensitive data from there. We had enough time to get our hands on some interesting papers.” According to the SRF's investigation with an expert, the leaked data shows that Ultra I&C carries out orders worldwide for defense companies, police and military authorities. Including the FBI and NATO.
What is particularly sensitive is the fact that Ultra I&C also sells cybersecurity products. Those responsible still have to clarify to what extent the data leak and the stolen data may contain important secrets. Partners and customers will certainly expect comprehensive answers and expertise.
BlackCat weakened by the FBI with ALPHV?
During the last operation by the FBI, it was certain that the infrastructure of the APT group BlackCat / ALPHV was severely weakened. As a counter-action, the group, which was probably Russian, published a statement saying that there should be no more limits in the coming actions. The current attack was probably not aimed at blackmail. Based on the current situation, it was probably just an attack intended to cause as much damage and unrest as possible among Western allies.
More at Ultra-IC.com
One thought on "Data on the Darknet: ALPHV hacks US defense company Ultra "
Comments closed