Security News

US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Job postings first spotted by CNBC correspondent Eamon Javers provide some insight into Sol Oriens' operations: the company is seeking program managers, consultants, and a 'Nuclear Weapon System Subject Matter Expert' to work with the National Nuclear Security Administration.

A subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration was hit last month by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service gang. As Javers noted, "We don't know everything this small company does," but he posted a sample job posting that indicates that it handles nuclear weapons issues: "Senior Nuclear Weapon System Subject Matter Expert with more than 20 years of experience with nuclear weapons like the W80-4." The W80 is a type of nuclear warhead carried on air-launched cruise missiles.

US troops charged with guarding nuclear weapons in Europe used popular education websites to create flash cards, exposing the weapons' exact locations and top-secret security protocols, the investigative site Bellingcat reported Friday. To familiarize themselves with things like which shelters in various locations had "Hot" vaults with live nuclear bombs, with security patrol schedules, and with identification badge details, the soldiers created digital flash card sets on apps like Chegg Prep, Quizlet and Cram.

Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they're being threatened by enemies, were exposed for nearly a decade through online flashcards that were used for education but left publicly available. The astonishing security blunder was revealed by investigative journalism website Bellingcat, which described what it found after "simply searching online for terms publicly known to be associated with nuclear weapons."

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. Rubin Design Bureau is a submarine design center located in Saint Petersburg, accounting for the design of over 85% of submarines in the Soviet and Russian Navy since its origins in 1901, including several generations of strategic missile cruiser submarines.

Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. "My policy as prime minister of Israel is clear: I will never allow Iran to obtain the nuclear capability to carry out its genocidal goal of eliminating Israel," Netanyahu said.

Iran on Sunday described a blackout at its underground Natanz atomic facility as an act of "nuclear terrorism," raising regional tensions as world powers and Tehran continue to negotiate over its tattered nuclear deal. Ali Akbar Salehi, the American-educated head of the Atomic Energy Organization of Iran, who once served as the country's foreign minister, offered what appeared to be the harshest comments of his long career, which included the assassination of nuclear scientists a decade ago.

Britain's 2021 Defence Review states that the nation will not use nuclear weapons against any non-nuclear state party to the Treaty on the Non-Proliferation of Nuclear Weapons 1968. Around the same time, the UK Attorney General, Jeremy Wright QC MP, said, "The UK considers it is clear that cyber operations that result in, or present an imminent threat of, death and destruction on an equivalent scale to an armed attack will give rise to an inherent right to take action in self-defense, as recognized in Article 51 of the UN Charter."

Some jokingly said the cryptic tweet, ";l;;gmlxzssaw," was a US nuclear launch code. Now the US Strategic Command, which runs the country's powerful nuclear weapons force, says the enigmatic posting on its Twitter account in fact came from the hands of a precocious kid.

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call "Hornbill" and "SunBird," have sophisticated capabilities to exfiltrate SMS messages, encrypted messaging app content and geolocation, as well as other types of sensitive information.