NATO investigating sale of classified missile data

The attackers claim to have stolen data about the Land Ceptor CAMM missile (not pictured), which MBDA manufactures

Image:
The attackers claim to have stolen data about the Land Ceptor CAMM missile (not pictured), which MBDA manufactures

The data appears to show plans for a missile system and other 'NATO CONFIDENTIAL' documents

NATO is investigating the dark web sale of data allegedly stolen from a European missile maker and being touted as classified military files.

As reported by the BBC, a cybercrime group is offering documents for sale that it claim are top secret files stolen from weapons maker MBDA Missile Systems.

MBDA confirmed that it had been the target of an extortion attempt in early August, by a gang that had 'falsely' claimed to have breached the company's network.

The company said it refused to comply with the ransom demand and so the attackers shared the information online, making it available for access in exchange for a payment.

MBDA admitted that its data was mixed in with the information being sold, but that it did not own the classified files.

The firm said the data was acquired from an external hard drive, possibly belonging to one of its suppliers.

'It has been confirmed that no hacking of the company's secure networks has occurred. So far, the company's internal verification processes indicate that the data made available online are neither classified data nor sensitive,' MBDA stated.

According to the BBC, which talked to the criminals and has seen samples of the data (but was unable to verify), 80GB of data is being sold for 15 Bitcoins, or around $297,000.

The extortionists, who operate on forums in both English and Russian, claim to have completed at least one deal.

They claim to have classified information about the staff of companies involved in the development of secretive military projects, as well as drawings, design documentation, presentations, contract agreements, video and picture materials, and correspondence with other firms.

Documents labelled 'NATO CONFIDENTIAL,' 'NATO RESTRICTED,' and 'Unclassified Controlled Information' were among a free 50MB data sample the BBC saw.

A presentation that appeared to explain the inner workings of the Land Ceptor CAMM missiles, one of which was recently shipped to Poland for deployment in the Ukraine war, was included in the sample files.

The files also describe a 'communications intelligence' operation by a US air squadron carried out towards the end of 2020 in Estonia.

The hackers did not clarify whether or not the data came from more than one compromised source.

NATO denies involvement

MBDA Missile Systems said it was cooperating with authorities in Italy, where the breach occurred, on the issue.

Separately, NATO's response to the hackers' claims has been sceptical.

"We are assessing claims relating to data allegedly stolen from MBDA. We have no indication that any NATO network has been compromised," a NATO spokesperson told BBC.

A former NATO official said that although the organisation has a tendency to overclassify papers, a secret-level classification isn't applied lightly.

If the labels are recent and correct, the person said, NATO would not want to see this type of information out there in the public.

Considering that the majority of the files looked to have been generated between 2017 and 2020, they said, it was unlikely that the documents had been declassified.