Nuclear Data Breach, Ransomware Arrests & Papa John’s Fined
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
Nuclear Weapons Contractor Cyber Attack
The US nuclear weapons contractor Sol Oriens has been hit with a ransomware attack, and the cyber criminals behind it are now reportedly auctioning stolen data.
The company, which describes itself as helping, amongst others, the US Department of Defense with “complex programs”, confirmed that in May of this year, an unauthorised individual acquired “certain documents” from their systems.
The Russia-based ransomware syndicate REvil, who are believed to be behind the attack, claim on their website to have stolen both business and employee related data from the contractor, data which they are threatening to leak if their extortion demands are not met.
In a statement shared on Twitter, the company noted, “Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”
The company added, “We have no current indication that this incident involves client classified or critical security-related information.”
Papa John’s Fined
The pizza franchise Papa John’s has been fined £10,000 by the UK’s Information Commissioner’s Office (ICO) for sending over 168,000 nuisance marketing messages to customers without valid consent.
Following 15 complaints being lodged with the data watchdog, the ICO’s investigation found that between October of 2019 and April 2020, Papa John’s sent the offending messages relying on a ‘soft opt-in’ exemption; an exemption that was not valid as customers were not given the option to opt out, nor were they provided a privacy notice.
The messages violated regulation 22 of the Privacy and Electronic Communications Regulations 2003. One customer received nearly 100 messages in a two-month period, a bombardment which was described by the party as “harassment” and “distressing”.
Andy Curry, ICO Head of Investigations, noted on the case, “The law is clear and simple. When relying on the ‘soft opt-in’ exemption, companies must give customers a clear chance to opt out of their marketing when they collect the customers’ details.”
Ukraine Ransomware Arrests
Ukrainian law enforcement has made a series of arrests relating to the Clop ransomware syndicate, a gang who are responsible for an estimated $500 million worth of damages.
Behind such attacks as those against the Reserve Bank of New Zealand, energy giant Shell, and Software AG, the gang were targeted in a joint operation involving law enforcement agencies in Ukraine, the US, and South Korea.
According to the cyber security intelligence company Intel 471, the individuals arrested are likely involved with the money laundering element of the criminal operation, with core members of the gang probably still living safely in Russia.
Seizing thousands of dollars in cash, and several luxury vehicles in and around the Ukrainian capital of Kiev, the authorities also claim to have shut down the server infrastructure used by the gang, though the gang’s payment and data leak sites are still reportedly online.
In a statement, the Ukrainian national police force allege: “It was established that six defendants carried out attacks of malicious software such as ‘ransomware’ on the servers of American and [South] Korean companies… law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalizing criminally acquired cryptocurrencies.”