
FBI subdivision firewall access exposed by potential Schneider Electric hacker


A recent listing on a popular hacking forum has revealed the potential sale of firewall access to an FBI subdivision base by a threat actor known as “miyako.” The post on the forum offered root access to a server hosting the firewall for the subdivision for the price of US$2,000. While the listing was made on December 14th, it has since been updated to indicate that the access has been sold. However, the legitimacy of the access and the specific subdivision it pertains to remain unverified at this time.

This is not the first time that miyako has been associated with large breaches. On December 12th, the threat actor listed root access to a server hosting the firewall for a US Air Force base, which was sold for US$800. Other recent listings by miyako include claims of access to a US ISP with over US$1 billion in revenue and a listing related to computer manufacturer ASUS. These listings typically lack specific details beyond the listed price, making verification difficult.

According to information in miyako’s listings, the actor is allegedly part of the HELLCAT threat group, which has been linked to previous cyber attacks. In November, a threat actor named “greppy,” also part of the HELLCAT group, taunted Schneider Electric in a post on a different platform. The taunting post included references to stolen data, such as email addresses, JIRA accounts, and Gravatar accounts. The threat group demanded a payment of US$125,000 in exchange for not releasing the compromised information.

The breach of Schneider Electric’s data was described as compromising critical information, including projects, issues, plugins, and over 400,000 rows of user data totaling more than 40GB. The demand for payment was addressed to Schneider Electric’s new CEO Olivier Blum, who had been appointed earlier that week. The threat group indicated that failure to meet their demands would result in the dissemination of the compromised information, and they warned that delaying payment would only increase the ransom amount.

The connection between the recent sale of firewall access to an FBI subdivision base and the activities of the HELLCAT threat group raises concerns about cybersecurity vulnerabilities in critical infrastructure and government agencies. The unauthorized access to sensitive information poses a significant risk to national security and underscores the ongoing challenges faced by organizations in protecting their data from increasingly sophisticated cyber threats.

As cybersecurity threats continue to evolve, it is essential for organizations to remain vigilant and proactive in implementing robust security measures to safeguard their information assets. Collaboration between government agencies, cybersecurity experts, and private sector partners is crucial in addressing these challenges and mitigating the risks posed by threat actors seeking to exploit vulnerabilities for financial gain or malicious purposes.
