Security News > 2023 > September > Attackers accessed UK military data through high-security fencing firm's Windows 7 rig

The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases.

The initial entry point? A Windows 7 PC. While the supplier, Wolverhampton-based Zaun, said it believed that no classified information was downloaded, reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.

The LockBit Ransom group conducted the attack on the company's network, and Zaun admitted the group may have exfiltrated 10GB of data.

In a statement, Zaun said: "We are aware of an attack upon our servers by the Lockbit [sic] Ransom group at the beginning of August. Our cyber-security systems closed the attack before they could encrypt any files on the server. However, it has become apparent that LockBit was able to download some data from our system, which has now been published on the Dark Web.".

The company boasts: "All our fencing systems can be designed and manufactured with a wide variety of security additions, including toppings and detection technology to complete your perimeter." Unless, it appears, your perimeter is running some distinctly outdated kit.

VP of EMEA, highlighted the targeted nature of the attack - a third-party supplier - in the context of cyber attacks on government agencies.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/09/04/zaun_breach_windows_7/