Atak na dane kluczowego dostawcy NATO – jak wybrać bezpieczny nośnik?

As reported by the BBC, NATO is assessing the impact of a recent hacking attack on a key supplier to the organization that leaked sensitive data. The stolen information includes "blueprints" - of military industrial giant MBDA Missile Systems - describing weapons used by NATO allies in the war in Ukraine. The attack, which took place in Italy, involved an unsecured external hard drive. MBDA confirms the information, adding that it is cooperating with local authorities.

At the end of July, the organization that carried out the attack published a letter demanding a ransom from MBDA and stated that they were "a group of independent cyber security specialists and researchers. We found critical vulnerabilities in your network infrastructure and gained access to the company's files and sensitive data. Currently, the volume of downloaded data is about 60 GB (gigabytes). The downloaded data contains confidential and closed (sic!) information about your company's employees who participated in the development of MBDA's closed military projects (PLANCTON, CRONOS, CA SIRIUS, EMADS, B1NT, etc. ) and your company's commercial activities in the interest of the European Union Ministry of Defense (design documentation for air defense, missile and coastal defense systems, drawings, presentation, video and photographic (3D) materials, contract agreements and correspondence with other companies [...]."

NATO concerned

According to a BBC investigation, the hackers were willing to sell about 80 GB of data. The editors received a 50-megabyte sample, which in fact contained NATO classified information (NATO SECRET - information whose disclosure would cause serious damage to NATO). The difference between the 60 GB claimed to have been in the criminal's possession in late July and the 80 GB claimed to have been in the criminal's possession since late August may be the result of a more complete extraction of data from the stolen disk.

If you're looking for a data security solution, then:

• Choose a secure USB storage product approved by NCIA (NATO Communications and Information Agency).
• Make sure your supplier doesn't use components or services from Russia and/or China in its solutions, as these countries are classified as threats to NATO as of 2022. Make no mistake: it is now possible to sell FIPS 140-2 Level 3 certified products that are de facto Chinese security products. Encrypting to Western standards is against China's policy, as it requires submitting to reliable FIPS certification by NIST in the United States.
• Choose solutions that are more secure than TAA compliance alone, and make sure that all critical components, such as cryptographic processors in products, come from a country other than China, Russia or those listed in TAA.

How do DataLocker solutions improve data security?

The manufacturer's solutions meet NATO requirements - they are approved by the NCIA. All critical device components come from the Netherlands, Japan and Taiwan, which are TAA-compliant territories. Secure your sensitive data with DataLocker and get additional protection capabilities:

• Block unsecured USB flash drives with PortBlocker Endpoint Software.
• Switch to secure USB storage devices with a secure origin.
• Control all USB devices in your company with SafeConsole's central management system, including through audit trails, data policies and lifecycle control.

Sources:
https://news.clearancejobs.com/2022/08/29/nato-investigates-blackmail-efforts-from-cyber-criminals-against-mbda-missile-systems/
https://www.bbc.com/news/technology-62672184?utm_campaign=22-ep-mq-00&utm_medium=email&utm_source=datalocker&utm_content=pressrelease&utm_term=1