A group of Russian hackers claimed to have infiltrated a technology company responsible for handling “confidential and top-secret” documents for the U.S. intelligence community.
BlackCat, also known as ALPHV, is threatening to sell or release more than 20 documents related to the Defense Counterintelligence and Security Agency, which conducts background checks and insider threat analysis, if the tech company Tecnica does not “immediately contact us. ”. ”
Tecnica is a veteran-owned company committed to “supporting the federal government and its mission to assist, protect and protect the American people,” according to its website.
By compromising the site, ALPHV claims to have obtained 300 gigabytes of data, including documents containing the names, social security numbers, clearance levels, roles, and work locations of Department of Defense employees.
The screenshots also include invoices, FBI and U.S. Air Force contracts, and information related to private companies contracting with the U.S. government.
The motive for the attack remains unclear, and it is unclear whether the group has ties to the Kremlin.
The Post also contacted Technica for comment.
Meanwhile, a Pentagon spokesperson said the Pentagon is “aware of the allegations in this incident and is coordinating with appropriate law enforcement and security agencies to address the concerns.”
“We do not comment on security arrangements at licensed facilities or specific security incidents,” a spokesperson said in a statement to the Post.
But cybersecurity experts warn that the federal government should take the threat seriously.
“A lot of sensitive data can also be collected from classified and classified documents, even if these are not sensitive documents themselves,” said Allan Liska, ransomware researcher at Recorded Future. states. told Cyberscoop.
Brett Callow, a threat analyst at cybersecurity firm Emisoft, said:
“The compromised data could be combined with information obtained from other attacks and other sources, so the breach could be more significant than it appears.” This was explained to the Daily Dot.
Riska said the situation is made even more dangerous because this information “could be used for targeting by state actors.”
The ALPHV attack comes as FBI Director Chris Wray warned lawmakers on Wednesday that Chinese hackers could “wreak havoc” on critical U.S. infrastructure.
“Chinese hackers are preparing to wreak havoc and cause real-world harm to American people and communities should China decide the time is right for an attack,” Wray told the House Select Committee on the Communist Party of China. They are encamped on America’s infrastructure.”
“If you quantify what we’re up against, China has a hacking program larger than all the major countries combined,” the FBI director said.
“In fact, even if you brought together all of the FBI’s cyber agents and intelligence analysts and focused solely on the Chinese threat, Chinese hackers would still outnumber FBI cyber personnel by at least 50 to 1. I guess.”
He went on to say that China’s hacking efforts are part of the communist country’s “multipronged attack on our national and economic security,” calling it “the defining threat of our generation.”
