The hacker group REvil has grow to be a headache for a brand new sufferer: a 50-person agency based mostly in Albuquerque that consults with the federal authorities on security-related initiatives.
Sol Oriens, which consults for the U.S. Division of Vitality’s Nationwide Nuclear Security Administration, confirmed to CNBC that it turned conscious of the “cybersecurity incident” in Might, its investigation is ongoing and regulation enforcement has been notified.
In an announcement, the corporate stated it “just lately decided that an unauthorized particular person acquired sure paperwork from our programs. These paperwork are at the moment beneath evaluation, and we’re working with a third-party technological forensic agency to find out the scope of potential knowledge which will have been concerned.”
Sol Oriens didn’t identify the attacker or verify that it was ransomware, however CNBC has realized that the well-known hacker group REvil was accountable for the assault, in line with cybersecurity sources.
One cybersecurity agency, which has seen paperwork posted on the darkish net, informed CNBC that they embody invoices for NNSA contracts, descriptions of analysis and improvement initiatives managed by protection and power contractors dated as just lately as 2021 and wage sheets containing full names and social safety numbers of Sol Oriens workers.
Sol Oriens stated that it has “no present indication that this incident includes consumer labeled or vital security-related data.” The corporate declined to say if it paid a ransom to the attackers.
Sol Oriens, describes itself as a know-how analysis and improvement agency. A current job posting on GlassDoor, for instance, stated the agency was in search of a program analyst who may help the NNSA with a “complicated nuclear weapon sustainment program.”
The NNSA, an company inside the Division of Vitality, is accountable for sustaining the security, safety and effectiveness of the U.S. nuclear weapons stockpile. It additionally works with the U.S. Navy on nuclear propulsion, and it responds to radiological emergencies within the U.S.
A spokesperson for the Division of Vitality declined to remark. A spokesperson for the NSC declined to remark.
REvil was most just lately accountable for a ransomware assault on JBS, the world’s largest meatpacker, which fetched a ransom of $11 million. In April, REvil stole and printed blueprints from Apple provider Quanta Laptop. That assault reportedly claimed a $50 million ransom.
“In some methods, Sol Oriens, LLC is only one identify amongst many,” cybersecurity agency Intel471 stated. “There isn’t any indication but that the corporate was focused due to the work it does, somewhat than simply being one other potential pay day for hackers.”
In accordance with screenshots seen by CNBC, REvil threatened to disclose Sol Oriens’ knowledge and documentation on its weblog.