• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Data Breach

Ransomware attacks vs Kimchuk, Visser reveal supply chain threat to DOD

by Cyber360 News
March 28, 2020
in Data Breach
0
Ransomware attacks vs Kimchuk, Visser reveal supply chain threat to DOD
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

The operators behind DoppelPaymer ransomware reportedly attacked electronics manufacturer Kimchuk earlier this month, disrupting the company’s operations and stealing sensitive data that they have been publishing online as part of an extortion plot.

Meanwhile, the cybercriminal outfit has continued to also publish information stolen earlier this year from Visser Precision, a parts maker and manufacturing solutions provider for the aerospace, automotive, industrial and manufacturing industries.

Danbury, Conn.-based Kimchuk primarily serves the military, medical, safety, energy and telecom industries. According to a TechCrunch report detailing the Kimchuk incident, stolen files include the company’s payroll records, broker approvals and purchase orders — including orders from one customer’s nuclear divisions — but nothing marked as classified. A date that was observed on a directory of stolen files suggests the data exfiltration may have taken place around March 5, the report continues.

The general m.o. exhibited by the DoppelPaymer actors is to continue publishing sensitive files until the victimized company pays to make them stop.

TechCrunch’s report cites Emsisoft Threat Analyst Brett Callow, who separately reached out to SC Media to reveal that DoppelPaymer’s campaign continues against Visser, a defense subcontractor that serves companies like Lockheed Martin, General Dynamics, Boeing and SpaceX. The latest set of stolen Visser files found on DoppelPaymer’s official dump site includes a proprietary Lockheed Martin engineering specification document.

“The DOD needs to act quickly to secure its supply chain. Should it not, there will inevitably be more Visser-like breaches which could potentially result in extremely sensitive information being exposed,” said Callow, noting that future incidents like this would be relevant to the Department of Defense’s forthcoming Cybersecurity Maturity Model Certification (CMMC) program, which when officially enacted will verify if contractors and other members of the Defense Industrial Base have the necessary controls to protect controlled unclassified information (CUI) within the supply chain.

“The CMMC program has not yet been implemented, but incidents such as these demonstrate the need for it to be implemented sooner rather than later,” said Callow. “Additionally, consideration should be given as to how to ensure minimum security standards are met in the health care and critical infrastructure supply chains.”

SC Media called the Department of Defense’s media inquiries desk for comment, but no one answered and there was no opportunity to leave a message.

TechCrunch said it attempted to contact Kimchuk for comment and was apparently included by mistake on an email thread in which the company’s chief executive Jim Marquis instructed others within his organization to “not respond.” SC Media also reached out to Kimchuk and Visser.

Cyber360 News

Cyber360 News

Next Post
Security Experts Form Cyber ‘Justice League’ To Fight Coronavirus Hacks

Security Experts Form Cyber ‘Justice League’ To Fight Coronavirus Hacks

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In