The REvil ransomware gang, thought to be behind an attack on meat producer JBS which netted an impressive $11m payoff, has found another victim. Described as a "a small, veteran-owned consulting firm focused on managing advanced technologies and concepts with strong potential for military and space applications," Sol Oriens' links to the US nuclear weapons programme were revealed in a job posting for a "Senior Nuclear Weapons System Subject Matter Expert" on recruitment site Lensa, first spotted by CNBC correspondent Eamon Javers.
US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Job postings first spotted by CNBC correspondent Eamon Javers provide some insight into Sol Orien's operations, who are seeking program managers, consultants, and a 'Nuclear Weapon System Subject Matter Expert' to work with the National Nuclear Security Administration.
A subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration, last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service gang. As Javers noted, "We don't know everything this small company does," but he posted a sample job posting that indicates that it handles nuclear weapons issues: "Senior Nuclear Weapon System Subject Matter. Expert with more than 20 years of experience with nuclear weapons like the W80-4." The W80 is a type of nuclear warhead carried on air-launched cruise missiles.
We need to face that reality by halting the purchase of insecure weapons and support systems and by incorporating the realities of offensive cyberattacks into our military planning. Military computers, whether they're embedded inside weapons systems or on desktops managing the logistics of those weapons systems, are similarly vulnerable.
Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they're being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available. The astonishing security blunder was revealed by investigative journalism website Bellingcat, which described what it found after "Simply searching online for terms publicly known to be associated with nuclear weapons."
The highest-ranked officer in India's armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation's defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor. General Bipin Rawat, a four-star general and since 2020 the first to hold a new role of chief of defense staff, offered that assessment yesterday in a talk hosted by Indian think tank the Vivekananda International Foundation.
SAP and security analysts Onapsis say cyber-criminals are pretty quick to analyze the enterprise software outfit's patches and develop exploits to get into vulnerable systems. In a joint report issued by the two organizations, Mariano Nunez, CEO of Onapsis, cited "Conclusive evidence that cyberattackers are actively targeting and exploiting unsecured SAP applications," and warned time was of the essence, reporting "SAP vulnerabilities being weaponized in less than 72 hours since the release of patches."
Weapons programs from the U.S. Department of Defense are falling short when it comes to incorporating cybersecurity requirements, according to a new watchdog report. While the DoD has developed a range of policies aimed at hardening the security for its weapon systems, the guidance leaves out a key detail - the contracts for procuring various weapons.
The Energy Department and its National Nuclear Security Administration, which is the agency that maintains the U.S. nuclear stockpile, have been compromised as part of the widespread cyberattack uncovered this week stemming from the massive SolarWinds hack. An exclusive report by Politico cited DoE official sources who said that their department was infiltrated by the cyberattackers, including hits on the NNSA; the Federal Energy Regulatory Commission which has oversight for the entire department; the Sandia and Los Alamos national laboratories in Washington and New Mexico; and the Richland Field Office of the DoE. The DoE confirmed its compromise on Friday.