Cyberthreats against aerospace and military sectors are rising manifold as critical infrastructures increasingly get connected over the internet. Advanced Persistent Threat (APT) groups working in association with a nation state target these sectors with the aim:
- To steal intellectual property related to advanced aerospace and defense capabilities and produce technologies for sale on the dark market;
- To collect high-level intelligence data and subvert other nations’ defense systems and capabilities.
The state of current cyberthreats
Amidst this COVID-19 pandemic, the defense and aerospace sectors remained a vulnerable target for hackers.
- McAfee reported a new wave of attacks from North Korea-based Hidden Cobra hackers. Dubbed ‘Operation North Star’, the campaign targeted the U.S. defense and aerospace sectors with fake job offers. It began in late-March and lasted through May 2020.
- ESET researchers discovered an Operation In(ter)ception attack against European aerospace and military companies. The attack was launched by creating fake LinkedIn accounts of HR representatives from Collins Aerospace and General Dynamics.
Ransomware threats add more tension
- Maze ransomware attackers stole 1.5 TB of sensitive data after gaining unauthorized access to VT San Antonio Aerospace’s network. The compromised data included project implementation plan details, timelines, schedules, type of parts/equipment, and financial records.
- Denver-based Visser Precision Manufacturing, a supplier to a number of major defense companies such as Lockheed Martin, General Dynamics and SpaceX, was targeted by DoppelPaymer ransomware that exfiltrated the company’s data before encrypting it. Later, the gang threatened to publish the stolen data in a bid to extract ransom from the firm.
Bottom line
With cyber threats constantly increasing and evolving in nature, it is especially important to protect organizations with defense industrial bases. These sectors hold mission-critical information and operational assets vital to national security. If infiltrated, the ramifications can plague a nation’s security strategy, hampering the warfighting edge, creating chaos within the critical infrastructure, and ultimately undermining adversary deterrence.