US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly by the hands of the REvil ransomware gang, which claims to be auctioning knowledge stolen in the course of the assault.
Sol Oriens describes itself as serving to the “Division of Protection and Division of Power Organizations, Aerospace Contractors, and Expertise Corporations perform complicated applications.”
Nonetheless, job postings first noticed by CNBC correspondent Eamon Javers present some perception into Sol Orien’s operations, who’re searching for program managers, consultants, and a ‘Nuclear Weapon System Topic Matter Professional’ to work with the National Nuclear Security Administration (NNSA).
“Sol Oriens LLC at present has a gap for a Senior Nuclear Weapon System Topic Matter. Professional with greater than 20 years of expertise with nuclear weapons just like the W80-4. This. Topic Matter Professional works with NNSA Federal and different Contractor personnel to prepare,. coordinate, implement, and handle technical program actions for the W80-4 Life Extension. Program.,” says one of many job postings.
“Place Tasks. Planning and managing nuclear weapon life extension applications and related. stockpile administration as they relate to the upkeep of a extremely dependable and secure. nuclear deterrent.”
REvil claims to have stolen knowledge from Sol Oriens
Final week, the REvil ransomware operation listed firms whose knowledge they have been auctioning off to the best bidder.
One of many listed firms is Sol Oriens, the place REvil claims to have stolen enterprise knowledge and workers’ knowledge, together with wage data and social safety numbers.
As proof that they stole knowledge in the course of the assault, REvil revealed pictures of a hiring overview doc, payroll paperwork, and a wages report.
As a solution to stress Sol Oriens into paying the risk actor’s extortion calls for, the ransomware gang threatened to share “related documentation and knowledge to navy angencies (sic) of our choise (sic).”
In a press release shared by Javers on Twitter, Sols Oriens confirmed a cyberattack in Might 2021 that affected their community.
“The investigation is ongoing, however we just lately decided that an unauthorized particular person acquired sure paperwork from our techniques.”
“These paperwork are at present beneath overview, and we’re working with a third-party technological forensic agency to find out the scope of potential knowledge that will have been concerned.”
“We’ve got no present indication that this incident entails shopper categorized or essential security-related data. As soon as the investigation concludes, we’re dedicated to notifying people and entities whose data is concerned.”
Like many different ransomware operations, REvil is believed to be working out of Russia or one other CIS nation.
Over the weekend, G7 leaders issued a statement asking Russia to help disrupt ransomware gangs believed to be working inside its borders.
President Biden may even be discussing the latest ransomware assaults with Russian President Vladimir Putin on the June sixteenth Geneva summit.