UK Security Contractor Denies Severity Of Hack

Zaun, a UK manufacturer of fencing systems for the Ministry of Defence, revealed late last week that it was hit by a cyber-attack carried out by LockBit between August 5th and 6th, in which gigabytes of data related to top secret British military and intelligence sites were exposed. Gigabytes of sensitive data that could help criminals access the HMNB Clyde nuclear submarine base, the Porton Down chemical weapon lab and a GCHQ listening post were posted to the dark web. Labour MP Kevan Jones stated: “This is potentially very damaging to the security of some of our most sensitive sites.”

The breach occurred through a Windows 7 PC that was running software for one of Zaun’s manufacturing machines. At the time of the attack, Zaun believed its cybersecurity solutions prevented any transfer of data.

“However, we can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, potentially including some historic emails, orders, drawings and project files,” said the statement.

Zaun said it does not believe that any classified documents were stored on the system, but the data released by LockBit included thousands of pages of data related to the perimeters of His Majesty’s Naval Base Clyde (the nuclear submarine base), the Porton Down chemical weapon lab and numerous jails.

Stephen Gates, Principal Security SME, had this comment:

   “As the cyberthreat landscape continuously changes, manufacturers face a unique set of IT challenges, as well as the real, physical ramifications that impact their bottom lines. Today’s attackers fully understand the disadvantages manufacturers face, especially in terms of their reliance on various computing systems, antiquated operating systems, commercial and custom-built applications, and lots of devices – some new and some incredibly old.

   “In a recent autonomous penetration test performed by’s NodeZero, it found a computer in a manufacturing network running a pre-Windows 2000 operating system, exploited it, and eventually achieved domain admin. Many manufacturers likely have some older computers still in use that are running operating systems no longer supported. Although the older computers work just fine for the minimal tasks they perform, they can easily become an enabler of a successful breach.”

I for one don’t buy a word that Zaun says regarding how bad this is. And why in the world were they running a Windows 7 PC? There’s a lot here that needs to be unpacked as this hack could be catastrophic on so many levels.
