Lockheed Martin, a prominent international aerospace, arms, defense, and information security corporation, has recently fallen victim to a ransomware attack conducted by the notorious Russian hacktivist group known as Killnet. In a Telegram message, the group not only claimed responsibility for the cyber attack on Lockheed Martin but also named another U.S. organization, the Army Transportation Corps, in their message.
The Army Transportation Corps, a combat service of the United States Army, is responsible for delivering infrastructure and personnel support. The hacktivist group targeted Lockheed Martin in response to the Biden administration’s decision to supply Ukraine with long-range ATACMS missiles. These missiles have the capability to launch multiple cluster attacks, which would significantly enhance Ukraine’s capabilities in its ongoing conflict with Russia.
The cyber attack on Lockheed Martin was carried out by a collaboration of hacktivist groups, including Anonymous Sudan and Cyber Special Forces, who provided support to the Killnet group. Upon checking the website of Lockheed Martin, it was found to be accessible. The Cyber Express team reached out to the organization for comments regarding the cyber attack and is awaiting their response.
In another incident of cyber attacks on U.S. digital infrastructure, the hacker group 8Base targeted two U.S. websites: Springer Eubank Company and J.T. Cullen Co, Inc. The dark web post by 8Base claimed that they had exfiltrated various data, including invoices, receipts, accounting documents, and employment contracts, after the ransomware attacks on these organizations. The group set a ransom payment deadline for both organizations.
Springer Eubank Company, located in Connecticut, offers services such as home heating oil and burner services. J.T. Cullen Co., Inc., on the other hand, is a metal fabrication company based in the United States. Both organizations are now faced with the task of responding to the cyber attacks and potential data breaches.
The Killnet hacktivist group, responsible for the cyber attack on Lockheed Martin, has a significant history of wreaking havoc on the U.S. healthcare industry. Active since 2022, Killnet often launches Distributed Denial of Service attacks on countries that support Ukraine in the Russia-Ukraine war. This group, along with other pro-Russian groups, has targeted almost all NATO countries for various missions.
Another hacktivist group called NoName057(16), also known as NoName05716, 05716nnm, or Nnm05716, has been relatively underreported but has been actively supporting Russia alongside Killnet and other pro-Russian groups since March 2022, according to a report by Sentinel One. These hacktivist groups have been utilizing Telegram channels to announce their victims based on mission objectives or geopolitical tensions related to the Russia-Ukraine war.
In response to the increasing cyber threats, law enforcement agencies have been taking action by suspending social media accounts belonging to ransomware and hacktivist groups. For instance, the Twitter account of a subgroup of the LockBit ransomware group was recently taken down, reports VX-Underground.
It is important to note that this report is based on internal and external research obtained through various sources. The information provided serves as a reference and users bear full responsibility for relying on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.