Cyber-Attack Hits US Nuclear Missile Sub-Contractor

Written by

Confidential documents have been swiped from a US military nuclear missile contractor in a cyber-attack, according to Sky News.

Today the news service reported that cyber-criminals were able to gain unauthorized access to the computer network of New Mexico company Westech International

The attack is believed to have been carried out by the threat group MAZE, which made the headlines last month after claiming to have attacked Minnesota egg supplier Sparboe Companies with ransomware. 

Headquartered in Albuquerque's Louisiana Boulevard, Westech was established in 1995 by founder Dr. Betty Chao to provide services to federal agencies and commercial enterprises. The company has a staff of 150 employees hired to carry out various Department of Energy (DOE) and Department of Defense (DoD) contracts at 15 locations in 11 American states. 

Westech, as a sub-contractor for Northrup Grumman, provides critical support for the United States' Minuteman III nuclear deterrent. The intercontinental ballistic missile LGM-30G Minuteman III is a three-stage missile with a range of over 6,000 miles. 

As of February 2018, America's ICBM force consisted of 400 Minuteman III missiles located at the 90th Missile Wing at F.E. Warren AFB, Wyoming; the 341st Missile Wing at Malmstrom AFB, Montana; and the 91st Missile Wing at Minot AFB, North Dakota. 

Westech provides engineering and maintenance support for the Minuteman III ICBMs. 

According to Sky News, files stolen from Westech in the cyber-attack have been leaked online. The files appear to contain sensitive data, including company emails, payroll, and what Sky describes as "personal information." 

Westech confirmed that the company had been hacked and that its computers had been encrypted. No information was shared regarding when the attack took place or how the criminals gained entry to Westech's computer system.

A spokesperson for Westech told Sky News that an investigation into what data the criminals had accessed and exfiltrated was still ongoing. 

"We recently experienced a ransomware incident, which affected some of our systems and encrypted some of our files," said the spokesperson.

"Upon learning of the issue, we immediately commenced an investigation and contained our systems.

"We have also been working closely with an independent computer forensic firm to analyze our systems for any compromise and to determine if any personal information is at risk."

What’s hot on Infosecurity Magazine?