Swiss defense contractor RUAG was hacked recently and the assailants obtained 23GB of data. These numbers were recently revealed as part of an investigation by Melani, an IT security firm hired by RUAG. For the time being, it remains unclear as to who is behind this breach.
RUAG Breach Is More Severe Than Initially Assumed
With 23 gigabytes of sensitive information stolen from a defense contractor, the repercussions of the recent RUAG breach could be far more serious than most people anticipate. However, the investigation into this breach has not turned up any culprits, nor are there additional details as to which information was obtained exactly.
It is also possible a portion of this data contains duplicate information, which could explain the vast size of 23GB. Additionally, this stolen data also includes requests made to and from the command-and-control servers. The Swiss government wanted to make it clear it is highly unlikely any sensitive personal information has been leaked.
Initial assumptions indicated Russian hackers would be behind the RUAG breach, yet those allegations have not been confirmed by official sources. We do know the assailants used Turla malware to infect RUAG servers, and the entire process of obtaining this information was subject to a patient and meticulous approach. The assailants only infiltrated the network after correctly identifying their targets, with the Active Directory being the primary target.
This breach went by unnoticed for quite some time, as the hackers used named pipes for communication between infected machines. Moreover, some of these machines only distributed control-and-command servers’ commands, comparable to how most peer-to-peer networks operate. It does not appear as if the Turla malware contained a rootkit functionality, though.
Although this breach dates back to September of 2014, the incident was only reported to the public in January of 2016. Melani, a Swiss security research firm, is in the process of completing their RUAG investigation. Moreover, the company also stressed the importance of sharing details regarding these incidents with other parties as soon as possible, rather than delaying it.
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.