Austal USA, a shipbuilding firm and a contractor for the U.S. Division of Protection (DoD) and the Division of Homeland Safety (DHS) confirmed that it suffered a cyberattack and is at present investigating the affect of the incident.
The corporate relies in Australia and makes a speciality of high-performance aluminum vessels. Its American subsidiary, Austal USA, is below contract for a number of packages that embrace constructing Independence class littoral fight ships for the U.S. Navy, that are 127-meter-long vessels at a price of $360 million per unit. Austal additionally has an energetic $3.3 billion contract for constructing 11 patrol cutters for the U.S. Coast Guard.
Earlier at this time, the Hunters Worldwide ransomware and knowledge extortion group claimed to have breached Austal USA and leaked some data as proof of the intrusion.
Responding to a request for remark, a spokesperson for the corporate confirmed the assault to BleepingComputer and mentioned that Austal USA acted rapidly to mitigate the incident:
Austal USA not too long ago found a knowledge incident. We had been in a position to rapidly mitigate the incident leading to no affect on operations.
Regulatory authorities, together with the Federal Bureau of Investigation (FBI) and Naval Felony Investigative Service (NCIS) had been promptly knowledgeable and stay concerned in investigating the reason for the state of affairs and the extent of knowledge that was accessed.
No private or categorised data was accessed or taken by the risk actor. We’re working carefully with the suitable authorities and can proceed to tell any stakeholders impacted by the incident as we study new data.
Austal USA acknowledges the seriousness of this occasion and the particular duty we’ve got as a DoD and DHS contractor. Our evaluation is on-going as we search to completely perceive this incident in order that we are able to forestall an identical prevalence.
Hunters Worldwide threaten to publish extra knowledge stolen from Austal’s programs within the following days, together with compliance paperwork, recruiting data, finance particulars, certifications, and engineering knowledge.
Austal USA didn’t share if the risk actor was in a position to entry knowledge about engineering schematics or different proprietary U.S. Navy know-how.
Hunters Worldwide emerged not too long ago as a ransomware-as-a-service (RaaS) operation and is believed to be a rebrand of the Hive ransomware gang, a principle primarily based on overlaps within the malware code.
The group denied the allegations, although, saying that they’re a brand new operation that bought the encryptor supply code from the defunct Hive. In response to the risk actor, encryption will not be the top objective of their assaults, as their focus is on stealing knowledge and utilizing it as leverage to extort victims into paying a ransom.
In the meanwhile, the gang’s knowledge leak website lists properly over a dozen victims in several sectors and from numerous areas of the world.
