tirsdag 17. oktober 2017

Ugraderte data vedr. F-35 og P-8 på avveie - AW&ST

Non-Classified F-35, P-8 Data Stolen In Cyber Breach

Oct 13, 2017 Aerospace Daily & Defense Report

A hacker stole non-classified data about the F-35 Joint Strike Fighter, P-8 maritime patrol  aircraft  and other military programs during a cyber breach of an Australian firm in 2016, according to Australian government officials.                      
About 30 gigabytes of sensitive data were stolen in the cyber attack on a small Australian defense contractor, an official from the Australian Signals Directorate said during a conference in Sydney, according to reports. The compromised data included details on Lockheed Martin’s F-35 and C-130 transport aircraft, Boeing’s P-8 and Joint Direct Attack Munition smart bomb, and several naval vessels, the official said.
F-35 Joint Program Office spokesman Joe Dellavedova confirmed the breach but stressed that no classified information on the stealth fighter was compromised.
F-35As: USAF



















“The F-35 Joint Program Office is aware of this supplier cyber breach that compromised non-classified data in the summer of 2016,” Dellavedova said. “No classified F-35 information was compromised.”
The Australian government still has not identified the hacker, Defense Industry Minister Christopher Pyne told Australian Broadcasting Corporation (ABC) Radio. He also stressed that no classified military information was taken.
“Fortunately the data that has been taken is commercial data, not military data ... it’s not classified information,” Pyne said. “I don’t know who did it.”
The data theft was first reported Oct. 10 as part of the 2017 Threat Report from the Australian Cyber Security Center (ACSC). The hacker had “sustained” access to the network for an “extended” period of time, and stole a “significant” amount of data, according to the report. ACSC first became aware of the attack in November 2016.
“Analysis showed that the adversary gained access to the victim network by exploiting an internet-facing server, then using administrative credentials to move laterally within the network, where they were able to install multiple webshells—a script that can be uploaded to a webserver to enable remote administration of the machine—throughout the network to gain and maintain further access,” according to the report.
Lagt inn av kl.

Ingen kommentarer:

Legg inn en kommentar

Merk: Bare medlemmer av denne bloggen kan legge inn en kommentar.

Abonner på: Legg inn kommentarer (Atom)