Swiss Air Force Data Sold on Darknet – Hacked

Swiss Air Force Data Sold on Darknet – Hacked

Sa, Jan 6th 2024

Swiss Air Force compromised data, a supplier to the Swiss Department of Defense has been targeted by hackers, leading to a significant leak of Swiss Air Force data. This breach has resulted in sensitive documents being unlawfully distributed on the darknet, with suspicions pointing towards a Russian origin for the attackers.

Extensive Document Theft from Ultra Intelligence & Communications

A staggering volume of data has been compromised in this breach. As Swiss Radio and Television (SRF) reported, hackers might have stolen tens of thousands of documents from Ultra Intelligence & Communications, a prominent US defense firm. Around 30 gigabytes of partly sensitive and classified Swiss Air Force documents have been uploaded to the dark web, making them publicly accessible.

DDPS’s Response to the Darknet Leak

In the wake of this critical incident, the Federal Department of Defense, Civil Protection and Sport (DDPS) has been actively addressing the situation. A spokesperson informed the Keystone-SDA news agency that Armasuisse and the Defense Group were promptly notified about the cyberattack. The DDPS believes that the operational systems of the Swiss armed forces have not been affected by this malware attack.

Leaked Contract Worth Millions on the Dark Web

Among the compromised data are documents including a significant contract between the DDPS and Ultra, valued at nearly five million dollars. This contract was essential for the Swiss Air Force’s encrypted communications technology. Additionally, email correspondences and payment receipts related to these transactions have also been found on the dark web.

Ongoing Investigations into the Dark Net Data Breach

While the DDPS spokesperson provided limited details, they acknowledged Armasuisse’s business relationships with various Ultra companies. To date, the primary type of data leaked has been commercial, but the investigation into the full extent of the incident is still underway.

ALPHV Claims Responsibility for the Hacked Data

The hacker group ALPHV, known for its significant global presence, has claimed responsibility for this ransomware attack, which reportedly took place at the end of December 2023. Cybersecurity experts suggest that ALPHV could have Russian origins.

Ultra’s Global Client Network Exposed to Darknet Risks

Ultra’s involvement in the defense industry extends beyond the Swiss Air Force. Its client list includes other defense companies such as Ruag, as well as international agencies like the FBI and NATO. This widespread client base highlights the potential global impact of the breach.

Recent History of Cyberattacks on Swiss Federal Data

This incident marks the third significant cyberattack on Swiss federal data within the past six months. Previous incidents involved ransomware attacks on Swiss companies Xplain and Concevis, both of which have connections with the DDPS and other federal organizations.

In conclusion, the recent cyberattack on Ultra, leading to the unauthorized release of Swiss Air Force data on the darknet, serves as a stark reminder of the continuous cyber threats facing national security infrastructures. The ongoing investigation underscores the importance of enhanced cybersecurity measures to safeguard sensitive defense information.

©Keystone/SDA

Verwandte Geschichten

In Kontakt bleiben

Erwähnenswert

the swiss times
Eine Produktion der UltraSwiss AG, 6340 Baar, Schweiz
Copyright © 2024 UltraSwiss AG 2024 Alle Rechte vorbehalten