A British perimeter security company, Zaun Ltd., recently fell victim to a cyberattack by the notorious LockBit group. Although the hackers only gained access to a small portion of Zaun’s internal network, they managed to leak sensitive documents related to the physical security of agencies within the UK Ministry of Defence.
In early August, the world’s most prolific ransomware outfit, LockBit, targeted Zaun Ltd., which is based in Wolverhampton, England. Zaun specializes in manufacturing perimeter fencing, security gates, bollards, and other physical security barriers. The company revealed in a public disclosure on September 1st that the cybercriminals had breached a PC used to control one of their manufacturing machines.
Zaun did not disclose the specific vulnerability that allowed the attack, but they did reveal that the compromised PC was running on the outdated operating system, Windows 7. Support for Windows 7 ended in 2020, and extended security updates concluded in January 2023. Industrial plants like Zaun often continue to use outdated software due to the prioritization of uptime and safety concerns for on-site staff.
Despite Zaun’s cybersecurity systems preventing the encryption of their data, the attackers were able to make off with approximately 10 gigabytes of stolen data, which accounts for about 0.74% of the company’s total stored data. The stolen data potentially includes historic emails, orders, drawings, and project files. However, Zaun reassured that no classified documents were stored on the compromised system or compromised in any way.
Nevertheless, conflicting reports from various British tabloids suggest that the breach was more severe than Zaun’s initial claims. The LockBit group allegedly leaked sensitive information about Zaun’s business dealings with entities in the UK Ministry of Defence. The leaked data reportedly included details about security equipment at a Royal Air Force station, a military research facility, and a British Army barracks. Additionally, information concerning several UK prisons was exposed, along with sales orders made by military and intelligence agencies such as GCHQ and a Royal Navy base in Scotland.
Zaun declined to comment on these reports but provided a more tempered perspective on the stolen data in their press release. According to Zaun, the fencing products in question are typically used to separate the public from secure assets and are openly displayed. Detailed information about these products can also be found on Zaun’s website and can be freely purchased. As a result, Zaun believes that no additional advantage can be gained from the compromised data beyond what is already available in the public domain.
It is essential for companies like Zaun to prioritize the security of their IT infrastructure, especially since they work closely with government agencies and are responsible for ensuring physical security. Upgrading outdated operating systems, implementing robust cybersecurity measures, and regularly monitoring for potential vulnerabilities can significantly reduce the risk of cyberattacks and data breaches. Additionally, improving employee awareness of cybersecurity best practices and providing regular training can help fortify an organization’s defenses against potential threats.
In light of this incident, it is expected that Zaun and other companies will enhance their cybersecurity measures to prevent similar breaches in the future. Collaboration between government agencies, cybersecurity experts, and private firms will also be crucial in combating the ever-evolving threat landscape and protecting sensitive information from falling into the wrong hands.