Sensitive Data From Nuclear Facilities Leaked on Dark Web
Confidential Data and PII Made Public on Cybercrime Forums.
Cybercrime activities targeting the nuclear industry worldwide have risen during the past eight months, according to Cyble, a global cyber intelligence start-up that monitors the dark web. Cyble claims that threat actors are taking advantage of the war in Ukraine to broaden their attack services.
Since February this year, leaks have been reported at nuclear facilities in Russia, Brazil, Iran, Taiwan, Indonesia, Thailand, India, and South Africa.
Secured But Not Secure Enough
Systems used in the nuclear domain are supposed to be some of the most secure, but that doesn't mean they are immune to cyberattacks. Although critical computer systems are air-gapped, threat actors do manage to find their way in through misconfigured networks, USB sticks, or other vulnerable devices.
Human error, insider attacks, supply chain attacks, and even electromagnetic attacks are some of the challenges facing organizations that use air gapping as a security measure. Since air gaps have proven not to be safe enough on their own, encrypting all data inside an air-gapped system to increase protection and prevent vulnerabilities is strongly recommended.
Vulnerability Leads to Vulnerability
Usually, when malicious actors find a way into a system and decide to expose the data they seized, it's like opening the gate for any other threat actor across the globe.
A recent example is the attack carried out by Black Reward on Iran's atomic energy agency at the end of October, which led to the spillage of essential data. The cybercriminal group demanded that the Iranian government free, within 24 hours, the political prisoners arrested during the Mahsa Amini protests. As the authorities did not agree, the threat actors released the hacked data on the web.
The #darkweb is full of #dataleaks containing sensitive #data from critical infrastructure companies, including #nuclear facilities. A cyber analyst claims this is a ripple effect of #Russia's invasion of #Ukraine. #cybersecurity #infosec #dataleak https://t.co/jtpNPPccKP
— CyberNews (@CyberNews) November 21, 2022
Construction plans, contracts, details about equipment at the nuclear power plant in Bushehr, and personally identifiable information (PII) were among the exposed data. With all this data now available on cybercrime forums, new and successful cyberattacks on the organization have become more likely, according to cybersecurity specialists.