Security News > 2021 > June > REvil Hits US Nuclear Weapons Contractor: Report

REvil Hits US Nuclear Weapons Contractor: Report
2021-06-11 18:16

A subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration, last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service gang.

As Javers noted, "We don't know everything this small company does," but he posted a sample job posting that indicates that it handles nuclear weapons issues: "Senior Nuclear Weapon System Subject Matter. Expert with more than 20 years of experience with nuclear weapons like the W80-4." The W80 is a type of nuclear warhead carried on air-launched cruise missiles.

Whether REvil - or whichever gang proves to be responsible for the attack - got its hands on more sensitive, secret information about the country's nuclear weapons remains to be seen.

REvil is known for both audacious attacks on the world's biggest organizations and suitably astronomical ransoms.

In one recent attack, for example, the targeted organization "Logged a massive volume of failed inbound RDP login attempts targeting the server which eventually because a point of access for the attackers," Sophos researchers wrote.

Rew Brandt, a principal researcher for Sophos, told Threatpost on Friday that the part of an attack where a network gets broken into is handled by affiliates or customers of the REvil software developers.


News URL

https://threatpost.com/revil-hits-us-nuclear-weapons-contractor-sol-oriens/166858/