This post is also available in: עברית (Hebrew)
A cyber attack on nuclear data is one of the highest concerns of states. Cyber threats to nuclear materials, facilities, command, control and communications are becoming more sophisticated every day.
Hackers have reportedly stolen confidential documents from a US military contractor which provides critical support for the country’s Minuteman III intercontinental ballistic missiles nuclear deterrent.
After gaining access to Westech International’s computer network, the criminals encrypted the company’s machines and began to leak documents online to pressure the company to pay extortion, according to news.sky.com.
The company is involved with the nuclear deterrent as a sub-contractor for Northrup Grumman, providing engineering and maintenance support for the Minuteman III missiles. Northrup Grumman and the US Department of Defense declined to comment.
A Westech spokesperson confirmed that the company had been hacked and its computers encrypted, and that investigations to identify what data the criminals had managed to steal were ongoing.
It is unclear if the documents stolen by the criminals include military classified information, but files which have already been leaked online suggest the hackers had access to extremely sensitive data, including payroll and emails.
There are also concerns that Russian-speaking operators behind the attack could attempt to monetise their haul by selling information about the nuclear deterrent on to a hostile state.
Minuteman III is the land-based component of the US nuclear deterrent, stored in hundreds of protected underground launch facilities operated by the US Air Force. Each ICBM is capable of delivering multiple thermonuclear warheads further than 6,000 miles, or the distance between London and Buenos Aires.
Westech’s computers were encrypted with the MAZE ransomware, which is traded on a range of Russian-speaking underground cyber crime markets and has been used to attack dozens of companies in the West in the past year alone. The creators of MAZE seem to operate under an affiliate model allowing hackers to use their tool in exchange for a slice of the profits, according to research into the group by cyber security firm FireEye.