
BlackCat Ransomware Group Claims To Have Pwned An IT Services Company Connected To The Pentagon


According to a Pentagon spokesperson, the Department of Defense office responsible for background investigations is working with law enforcement to examine claims by the ALPHV or BlackCat ransomware group that they have stolen documents containing sensitive data related to the U.S. military.

The ransomware group said early Tuesday that they had stolen, and threatened to leak, 300 gigabytes of data from Technica, a Virginia-based IT services company that describes itself as working with the federal government and “their mission to support, to defend and protect America’s citizens.”

ALPHV claimed that the stolen data is related to the Defense Counterintelligence and Security Agency, which carries out background investigations and insider threat analyses. To back up its claim, the gang posted more than two dozen screenshots of alleged stolen documents featuring the names, social security numbers, clearance levels, roles and work locations of dozens of people, as well as invoices, contracts for entities ranging from the FBI to the U.S. Air Force, and information related to private entities and facilities that contract with the U.S. government.

Mark B. Cooper, President & Founder, PKI Solutions, had this comment:

   “This situation demonstrates the critical need for cybersecurity measures and inter-agency coordination to protect sensitive information. It highlights the importance of managing the security posture for each of the core services that manage sensitive information like identity and encryption through real-time tools for configuration and threats. Although tools such as traditional risk assessments have sufficed in the past, they are not timely enough alone to deal with the modern threat landscape. An emphasis on real-time alerting, adoption of best practices, and rapid mitigation once the threat is detected must be a top priority for organizations.”

This highlights the fact that you as an organization don’t have to get pwned yourself to be affected by what a cybercrime organization does. Thus you have to ensure that every business partner your organization has is doing what it needs to do to protect itself and you from a catastrophic event like this one.
