[BreachExchange] NATO's Cloud Platform Hacked

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Tue Jun 22 10:26:34 EDT 2021


https://www.ehackingnews.com/2021/06/natos-cloud-platform-hacked.html

The SOA & IdM platform is utilized by NATO and is classified as secret. It
was used to conduct various critical functions inside the Polaris
programme. The North Atlantic Treaty Organization (NATO), commonly known as
the North Atlantic Alliance, is an intergovernmental military alliance made
up of 30 European and North American countries.

The organization is responsible for carrying out the North Atlantic Treaty,
which was signed on April 04, 1949. NATO is a collective defense
organization in which NATO's independent member states commit to defending
each other in the event of an external attack. NATO's headquarters are in
Haren, Brussels, Belgium, and Allied Command Operations' headquarters is
near Mons, Belgium.

Polaris was developed as part of NATO's IT modernization effort and uses
the SOA & IdM platform to provide centralized security, integration, and
hosting information management. The military alliance classified the
platform as secret because it performs multiple key roles.

According to the hackers, they used a backdoor to make copies of the data
on this platform and attempted to blackmail Everis. They went even further,
making jokes about handing over the stolen material to Russian
intelligence.

Paul Howland, Polaris Program Officer, explained the benefits of the
program: “This project has the potential to be a game-changer in how NATO
will develop and deploy its operational services in the future. It will
drive innovation and reduce costs. Operational by ensuring a much greater
reuse of deployed capacities.”

The hackers who carried out the attack said that at first they had no idea
they could take advantage of a flaw in the NATO platform. Furthermore, they
concentrated solely on Everis' corporate data in Latin America, despite
NATO's announcement that it was ready to respond to a cyber-attack. One of
the secure NATO systems was among Everis' subsidiaries, much to their
astonishment.

After analyzing the company and discovering documents connected to drones
and military defense systems, the hackers continued stealing more data from
Everis networks. They justified their actions by claiming that they were
not "for peace on earth and in the cyber world" when they slowed the
development of the Polaris programme. The hackers sought a ransom of XMR
14,500 from Everis in exchange for not linking the company's identity to
the LATAM Airlines data breach. They've also demanded this money in
exchange for not revealing any NATO data.