LockBit ransomware gang steals data related to security of UK military bases

Hackers exploited vulnerable Windows 7 PC to break into high-security fencing firm’s network.

Graham Cluley
Graham Cluley
@[email protected]

LockBit ransomware gang steals data related to security of UK military bases

An attack by the notorious LockBit ransomware gang stole 10 GB of data from a company that provides high-security fencing for military bases.

Zaun says that on 5-6 August a “sophisticated cyber attack” saw hackers exploit an obsolete Windows 7 PC to gain access to the company’s servers, and exfiltrate data which has since been published on the dark web.

According to the firm, classified documents are not believed to have been included in the haul:

Sign up to our free newsletter.
Security news, advice, and tips.

“LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised. We are in contact with relevant agencies and will keep these updated as more information becomes available. This is an ongoing investigation and as such subject to further updates.”

In what appears to be an attempt to reduce concern about the security breach, Zaun says that its perimeter fencing is hardly top secret:

“Zaun is a manufacturer of fencing systems and not a Government approved security contractor. As a manufacturer of perimeter fencing, any member of the public can walk up to our fencing that has been installed at these sites and look at it.”

Well, maybe that’s the case. But I would still be alarmed if there was sensitive information contained in the emails and other documents that were stolen. For instance, the contact details of personnel at military sites, or the specifics of a most sensitive area’s physical security.

I get the feeling that Zaun may know what it is doing when it comes to physical security, but may be lagging a little behind when it comes to digital security. Mainstream support for Windows 7 ended back in 2015.

Even if your organisation had managed to get itself on the list for extended Windows 7 security updates, the very last time you were able to receive them was until January 2023.

Zaun says it has contacted the National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO) about the data breach.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.