September 10, 2022: Ransomware Attack on ForceNet Communication Platform used by Australian Military
Hackers attacked ForceNet's communications platform used by Australian military personnel and defense staff. The ForceNet service is run by Dialog Information Technology. The Australian Dept. of Veteran Affairs' website states: "Defence has announced that it has been informed that an external ICT service provider which facilitates ForceNet has been subject to a ransomware attack. ForceNet is a Defence e-communications platform used to connect registered users within secure online communities. To be clear, this is not an attack on Defence ICT"
ITWire in Australia reports on 31 October that Dialog was hit by an attack which used the Agenda ransomware that runs only on Windows. The group behind the attack, Qilin, announced it on the dark web on 19 September.
This is the 9th attack in little over a month, affecting Australia's biggest companies, likely exposing the details of millions of customers.
September 27, 2022: Sophisticated Phishing Campaign Targets Military and Weapons Contractors
Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The highly targeted attacks begin with a phishing email sent to employees, leading to a multi-stage infection involving many persistence and detection avoidance systems.The campaign stands out for its secure C2 infrastructure and multiple layers of obfuscation in the PowerShell stagers. The campaign stands out for its secure C2 infrastructure and multiple layers of obfuscation in the PowerShell stagers.
June 10, 2021: DoE Nuclear Subcontractor Suffers Cyber Attack
A subcontractor for the Department of Energy (DoE) that conducts nuclear weapons-related work, said it fell victim to a security breach.
Sol Oriens is the name of the consulting firm working with DoE’s National Nuclear Security Administration, the federal agency which has a mission of enhancing and securing U.S. nuclear stockpiles. Sol Orien’s work with the nuclear agency remain unclear to the public at this point.
January 15, 2020: Ransomware Bites Defense Manufacturer, Communications & Power Industries
An unsegmented domain appears to be a key aspect into the downfall of a defense industry manufacturer that suffered a ransomware attack.
A source with knowledge of the incident said the defense contractor paid a ransom of about $500,000 shortly after the incident in mid-January, but the company was not yet fully operational, according to a report with TechCrunch.com.
California-based Communications & Power Industries (CPI) makes components for military devices and equipment, like radar, missile seekers and electronic warfare technology. The company works with the U.S. Department of Defense and its advanced research unit DARPA.