Jump to content
  • REvil ransomware hits US nuclear weapons contractor

    Karlston

    • 599 views
    • 3 minutes
     Share


    • 599 views
    • 3 minutes

    REvil ransomware hits US nuclear weapons contractor

     

    US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack.

     

    Sol Oriens describes itself as helping the "Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs."

     

    However, job postings first spotted by CNBC correspondent Eamon Javers provide some insight into Sol Orien's operations, who are seeking program managers, consultants, and a 'Nuclear Weapon System Subject Matter Expert' to work with the National Nuclear Security Administration (NNSA).

     

    "Sol Oriens LLC currently has an opening for a Senior Nuclear Weapon System Subject Matter. Expert with more than 20 years of experience with nuclear weapons like the W80-4. This. Subject Matter Expert works with NNSA Federal and other Contractor personnel to organize,. coordinate, implement, and manage technical program activities for the W80-4 Life Extension. Program.," says one of the job postings.

     

    "Position Responsibilities. Planning and managing nuclear weapon life extension programs and associated. stockpile management as they relate to the maintenance of a highly reliable and safe. nuclear deterrent."

    REvil claims to have stolen data from Sol Oriens

    Last week, the REvil ransomware operation listed companies whose data they were auctioning off to the highest bidder.

     

    One of the listed companies is Sol Oriens, where REvil claims to have stolen business data and employees' data, including salary information and social security numbers.

     

    As proof that they stole data during the attack, REvil published images of a hiring overview document, payroll documents, and a wages report.

     

    As a way to pressure Sol Oriens into paying the threat actor's extortion demands, the ransomware gang threatened to share "relevant documentation and data to military angencies (sic) of our choise (sic)."

    Threat to share stolen data with military agencies
    Threat to share stolen data with military agencies

    In a statement shared by Javers on Twitter, Sols Oriens confirmed a cyberattack in May 2021 that affected their network.

     

    "The investigation is ongoing, but we recently determined that an unauthorized individual acquired certain documents from our systems."

     

    "Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved."

     

    "We have no current indication that this incident involves client classified or critical security-related information. Once the investigation concludes, we are committed to notifying individuals and entities whose information is involved."

     

    Like many other ransomware operations, REvil is believed to be operating out of Russia or another CIS country.

     

    Over the weekend, G7 leaders issued a statement asking Russia to help disrupt ransomware gangs believed to be operating within its borders.

     

    President Biden will also be discussing the recent ransomware attacks with Russian President Vladimir Putin at the June 16th Geneva summit.

     

     

    REvil ransomware hits US nuclear weapons contractor


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...