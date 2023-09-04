Russian-aligned threat actors have reportedly hit the UK\u2019s Ministry of Defence (MoD) and leaked security information on military and intelligence sites online. Hackers targeted the database of Zaun, a firm which handles physical security for some of Britain\u2019s most secretive locations including a nuclear submarine base, a chemical weapon lab, and a GCHQ listening post, according to The Mirror. They released thousands of pages of data which could include highly sensitive national security details, with information about high-security prisons also stolen in the raid by notorious ransomware group LockBit, the news report said.\n\nAttack \u201cvery damaging\u201d to security of UK\u2019s most sensitive sites\n\n\u201cOn 5th \u2013 6th August, Zaun was subjected to a sophisticated cyberattack on our IT network by the LockBit ransom group,\u201d read a statement on the company\u2019s website. \u201cOur own cybersecurity prevented the server from being encrypted. \u201cWe have been able to continue work as normal with no interruptions to service.\u201d\n\nThe breach occurred through a rogue Windows 7 PC that was running software for one of the firm\u2019s manufacturing machines. \u201cThe machine has been removed and the vulnerability closed,\u201d it added. \u201cWe can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data.\u201d\n\nLockBit will have potentially gained access to some historic emails, orders, drawings, and project files, the statement continued, although Zaun \u201cdoes believe that any classified documents were stored on the system\u201d or have been compromised. The UK National Cyber Security Centre (NCSC) and the Information Commissioner\u2019s Office (ICO) have been contacted with regards to the attack and data leak.\n\n\u201cThis is potentially very damaging to the security of some of our most sensitive sites,\u201d said Kevan Jones, a Labour MP who sits on the Commons Defence Select Committee. \u201cThe government needs to explain why this firm\u2019s computer systems were so vulnerable. Any information which gives security arrangements to potential enemies is of huge concern.\u201d\n\nConflicts expand to digital domain, place greater demands on security apparatu\n\nThe incident is an example of how physical conflict (specifically the ongoing war between Russia and Ukraine) is no longer limited to the traditional battlefield \u2013 expanding to the digital domain and placing ever greater demands on security apparatus, commented Tory MP Tobias Ellwood, chair of the defence committee. \u201cHow do we better defend ourselves from Russian-backed interference no doubt related to our stance in supporting Ukraine?,\u201d he asked.\n\nIn April, the UK National Cyber Security Centre (NCSC) issued an alert to UK critical national infrastructure (CNI) organisations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia\u2019s invasion of Ukraine. The alert stated that newly emerged groups could launch \u201cdestructive and disruptive attacks\u201d with less predictable consequences than those of traditional cybercriminals, with CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened.