10 GB of UK military bases confidential information leaked via Windows 7 machine

The notorious LockBit ransomware organization is responsible for the exposure of gigabytes worth of sensitive material connected to websites used by the British military and intelligence services. Zaun, a company that manufactures fence systems and is situated in Wolverhampton, has disclosed that it was the victim of a cyberattack on August 5-6 that was carried out by LockBit.

“The security compromise happened on a network that was otherwise up to date, and it was caused by a malicious Windows 7 computer that was running software for one of our manufacturing machines. The server was unable to be encrypted due to our own internal cyber security measures. The computer has been taken down, and the security hole has been patched. According to a statement released by the corporation on September 1, 2023, “We have been able to continue work as normal with no interruptions to service.”

At the time of the attack, Zaun was under the impression that its cybersecurity solutions prevented any data from being sent. “However, we are now in a position to determine that LockBit was successful in downloading some data during the attack. While this may have been confined to the susceptible PC, there is still a possibility that some data stored on the server was read. It is suspected that there is 10 gigabytes worth of data, which may include some old emails, orders, drawings, and project files,” the statement went on to say.

On August 13, LockBit issued a statement claiming responsibility for this attack. Following the expiration of the deadline that the gang had set for Zaun to pay an unknown ransom, the group released some information on their leak site.

The data released by LockBit reportedly included thousands of pages of information that could help criminals access His Majesty’s Naval Base, Clyde (HMNB Clyde) nuclear submarine base, the Porton Down chemical weapon lab, and GCHQ’s communications complex in Bude, Cornwall, despite the fact that Zaun stated it does not believe any classified documents were stored on the system or have been compromised.

It has also been revealed that precise designs for the perimeter fence at Cawdor, a British Army base in Pembrokeshire, as well as a map outlining installations at the site, have been hacked. Both of these items have been stolen. During the operation, more papers were taken, including those pertaining to a number of different prisons, such as the Category A Long Lartin in Worcestershire and the Whitemoor Prison in Cambridgeshire.

As a result, Zaun said, “it is not believed that any more benefit could be derived from any hacked material beyond that which might be determined by going to look at the sites from the public domain.

The West Midlands Regional Cyber Crime Unit has been made aware of the incident, and they are in the process of launching an investigation into it at this time.

Kevan Jones, a Labour MP who is a member of the Commons Defence Select Committee, issued the following warning on August 3: “This is potentially very damaging to the security of some of our most sensitive sites.” The government is required to provide an explanation as to why the computer systems of this company were in such a vulnerable state. Any information that may potentially provide prospective adversaries with security arrangements is of the utmost significance.

Tobias Ellwood, a Conservative member of parliament and the leader of the Defense Committee, also expressed his worries. He posed the following question: “How does this affect the capability of our defense establishments to continue functioning without the threat of attack?” How can we strengthen our defenses against meddling from Russia and its proxies, which is undoubtedly connected to our policy of backing Ukraine? Lastly, this is yet another illustration of how warfare is no longer confined to the conventional battlefield; it has expanded into the digital sphere, which places ever-increasing demands on the many components that make up the security apparatus. The following is an excerpt from Zaun’s statement: “We have called the National Cyber Security Centre (NCSC), and we are receiving their guidance about this situation. In relation to the incident and the data breach, the Information Commissioner’s Office (ICO) has also been alerted. Contrary to popular belief, Zaun is not a government-approved security contractor but rather a maker of fence systems. Due to the fact that we are a producer of perimeter fence, any member of the general public is free to approach our fencing, which has been put at these locations, and examine it.