Contents:
Rheinmetall AG announced they suffered a data breach after being a target of a BlackBasta ransomware attack. On May 20th, 2023, the threat group leaked samples of the stolen data on its extortion site.
According to the German automotive and arms manufacturer, the attack is real. The security team discovered the network breach on April 14th, of this year. It only affected its civilian business.
Rheinmetall is continuing to work on resolving an IT attack by the ransomware group Black Basta. This was detected on 14 April 2023. It affects the Group’s civilian business.
Due to the strictly separated IT infrastructure within the Group, Rheinmetall’s military business is not affected by the attack.
The Data Breach Impact and Consequences
As Rheinmetall announced, the samples that threat actors published on their site were not related to their military activities. However, the leaked data is still important, as it includes:
– non-disclosure agreements,
– technical schematics,
– passport scans,
– purchase orders.
The company already informed the law enforcement authorities and the investigation is still ongoing.
Why Is Rheinmetall a Favorite Target for Cyberattacks
Rheinmetall has more than 25,000 employees and produces military vehicles, armaments, air defense systems, engines, and other steel products. The German company is one of the key aid providers for Ukraine.
At the moment, Rheinmetall is one of Europe’s most important weapons suppliers. That and its annual revenue that exceeds $7 billion make it an attractive target for all sorts of hackers.
Rheinmetall was also targeted this year by Killnet who tried to cause a distributed denial-of-service (DDoS). At the moment, although a higher volume of traffic was reported on Rheinmetall’s network, the infrastructure did not suffer.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.