Contents:
Austal USA, a shipbuilding company and contractor for the US Departments of Defense (DoD) and Homeland Security (DHS), confirmed a hack and is actively analyzing the impact of the event.
The Australian-based company produces high-performance aluminum vessels. Among the several contracts held by Austal USA, an American subsidiary of the company, is the construction of 127-meter-long littoral combat ships for the United States Navy.
These ships cost an estimated $360 million each. The United States Coast Guard has a deal with Austal to construct eleven patrol cutters worth $3.3 billion.
Hunters International Claims the Attack
On the 6th of December, the Hunters International ransomware and data extortion group claimed to have infiltrated Austal USA and disclosed some information as proof of the intrusion.
Hunters International’s post on the dark web
In response to a comment request, a corporate spokeswoman confirmed the attack to BleepingComputer and stated that Austal USA acted immediately to mitigate the incident:
Austal USA recently discovered a data incident. We were able to quickly mitigate the incident resulting in no impact on operations.
Regulatory authorities, including the Federal Bureau of Investigation (FBI) and Naval Criminal Investigative Service (NCIS) were promptly informed and remain involved in investigating the cause of the situation and the extent of information that was accessed.
No personal or classified information was accessed or taken by the threat actor. We are working closely with the appropriate authorities and will continue to inform any stakeholders impacted by the incident as we learn new information.
Austal USA recognizes the seriousness of this event and the special responsibility we have as a DoD and DHS contractor. Our assessment is on-going as we seek to fully understand this incident so that we can prevent a similar occurrence.
Austal USA’s position on the attack (source)
Hunters International has threatened to expose additional data stolen from Austal’s systems in the coming days, including compliance documentation, recruiting information, financial information, certificates, and engineering data.
Austal USA did not say whether the threat actor had access to engineering schematics or other confidential US Navy technology.
Hunters International recently appeared as a ransomware-as-a-service (RaaS) operation and is thought to be a rebrand of the Hive ransomware gang, based on malware code commonalities.
At this point, the gang’s data leak site names more than a dozen victims from around the world and in a wide range of industries.
If you want to learn more about ransomware, check out our related articles on how ransomware spreads, how to mitigate it, prevent it, and how to create a successful cybersecurity strategy.
If you liked this piece, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.