Security News > 2021 > February > Revealed: The military radar system swiped from aerospace biz, leaked online by Clop ransomware gang

Revealed: The military radar system swiped from aerospace biz, leaked online by Clop ransomware gang
2021-02-24 20:04

A CAD drawing of a radar antenna stolen and leaked online by criminals is of a military radar system produced by defense contractor Leonardo and fitted to a number of US and UAE aircraft, The Register has learned.

The Register can reveal Clop got its hands on at least one drawing of a Leonardo Seaspray 7500E radar antenna, and divulged on its Tor-hidden website a rendering of the hardware in some detail - without its external covers usually seen in promotional material.

The Canadian aerospace manufacturer produces military variants of its Global 6000 business jets for select customers, hence its need for diagrams of specialist radar gear.

A number of people with knowledge of military radar systems and antennas also looked at at the leaked blueprint, recognized the device, and confirmed its identity to The Register.

The Clop ransomware gang are tracked by FireEye under the catchy names UNC2546, UNC2582, and Fin11.

Ransomware gang specialist Brett Callow, of infosec outfit Emsisoft, told The Register the crooks may even attempt to peddle the exfiltrated data rather than give it all away for free: "If information has significant commercial value, ransomware groups likely sell it rather than publish it. In fact, some groups actually state that's what they do. Which, perhaps, makes it somewhat peculiar that Clop chose to publish this particular information."


News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/24/seaspray_radar_ransomware/