A Russian hacking group has claimed it infiltrated a technology company responsible for handling “classified and classified” documents for US intelligence agencies.
BlackCat, also known as ALPHV, threatened to sell or release more than two dozen documents related to the Defense Security and Counterintelligence Agency, which conducts background investigations and insider threat analysis, if tech firm Technica did not “contact us immediately”.
Technica is a vet-owned company that works to “support the federal government and their mission to support, defend and protect the American people,” according to its website.
By hacking its site, ALPHV claims, it obtained 300 gigabytes of data, including documents displaying Department of Defense employee names, Social Security numbers, clearance levels, roles and work locations.
The screenshots also include billing invoices, contracts for the FBI and the US Air Force, as well as information related to private companies that have contracted with the US government.
The motive for the attack remains unclear, and it is not known whether the group is linked to the Kremlin.
BlackCat, also known as ALPHV, claims online it obtained more than two dozen documents related to the Defense Security and Counterintelligence Agency. @AlvieriD / X
The Post has also reached out to Technica for comment.
Meanwhile, a spokesman for the Department of Defense said the agency was “aware of the alleged incident and is coordinating with law enforcement and appropriate security officials to address concerns.
“We will not comment on any security posture of cleared facilities or any specific security incidents,” the spokesperson said in a statement to The Post.
But cybersecurity experts warn that the federal government should take the threat seriously.
“While these are not classified documents, there is a lot of sensitive data that can be obtained from confidential or sensitive documents,” Allan Liska, a ransomware researcher at Recorded Future, told Cyberscoop.
Cyber security experts say Russian groups could combine data received from that attack with information obtained in other attacks. famveldman – stock.adobe.com
Brett Callow, a threat analyst at cyber security firm Emisoft, also said: “Incidents like this cannot be considered in isolation.
“Exfiltrated data can be combined with information obtained in other attacks and from other sources, so a breach can be more significant than it appears,” he explained to the Daily Dot.
Making matters more dangerous, Liska said, that information “can be used by nation-state actors to target.”
The ALPHV attack comes as FBI Director Chris Wray warned lawmakers on Wednesday that Chinese hackers could “wreak havoc” on critical US infrastructure.
The ALPHV attack comes as FBI Director Chris Wray warned lawmakers on Wednesday that Chinese hackers could “wreak havoc” on critical US infrastructure. Michael Brochstein/SOPA Images/Shutterstock
“Chinese hackers are positioning America’s infrastructure in preparation to wreak havoc and cause real-world harm to American people and communities if and when China decides the time has come to strike,” Wray told the House Select Committee on the Chinese Communist Party.
“To measure what we’re dealing with, the PRC has a hacking program bigger than every major country combined,” the FBI director said.
“In fact, if you took every one of the FBI’s cyber agents and intelligence analysts and focused them exclusively on the Chinese threat, Chinese hackers would still outnumber the FBI’s cyber staff by at least 50 to 1.”
He later described the PRC’s hacking efforts as part of the Communist country’s “pronged attack” on our national security and economy, which he called “the defining threat of our generation.”
Categories: Trending
Source: thtrangdai.edu.vn/en/
