The Adrastea threat actor was involved in a data breach of MBDA, a European missile manufacturer with ties to NATO.
MBDA refused to comment and said it was not hacked at the time of the breach back in July this year, and that its security systems remained intact. Further, the missile maker said the data made available online was neither classified nor sensitive.
Researchers published a new advisory about the alleged hacking campaign against MBDA and were able to obtain and analyze the password-protected ZIP file containing samples from the data breach.
The folder included files detailing the confidential PII of MBDA’s employees, alongside multiple SOPs outlining the requirements for NATO’s Counterintelligence to avert threats related to Terrorism, Espionage, Sabotage and Subversion.
The SOPs also include all activities of the Intelligence Requirement Management and Collection Management process that results in the effective and efficient execution of the intelligence cycle. The files also reportedly included internal sketches of cabling diagrams for missile systems, electrical schema diagrams and documentation of activities tying MBDA to the Ministry of Defence of the European Union.
Researchers said that the reputation of Adrastea as a threat actor is currently low, as multiple concerns and complaints were recorded on the dark web forums where the hacker posted the alleged MBDA information.
Since this was the first recorded activity of the threat actor group, it is difficult to say whether the information posted is legitimate.
This advisory was published by researchers from CloudSEK.