Sol Oriens, a subcontractor for the US Department of Energy and a business partner of the National Nuclear Security Administration (NNSA), was hit by a ransomware attack, and again it was the REvil gang responsible. Hackers threaten to reveal publicly highly sensitive information dealing with nuclear weapons development.
Though the news came out only today, the company found out about the breach last month, and its website has been unreachable since at least June 3.
“In May 2021, Sol Oriens became aware of a cybersecurity incident that impacted our network environment. The investigation is ongoing, but we recently determined that an unauthorized individual acquired certain documents from our systems,” the company said on Twitter.
Not much is known about this company. But according to Sol Oriens’ LinkedIn profile, it is a small firm focused on the management of advanced technologies and concepts for military and space applications. It deals with nuclear weapons and is an “expert with more than 20 years of experience with nuclear weapons like the W80-4.” It works with the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms.”
The Sol Oriens’ internal information was spotted online when it was posted on REvils dark blog. It reportedly contains a payroll form from September 2020, along with employee names, social security numbers, worker training plans, and quarterly pay. Nothing of national importance for the US, but the REvil gang claims it got its hands on secret information about the country’s nuclear weapons; however, the details remain a mystery.
REvil explained that the victim “did not take all necessary action to protect personal data of their employees and software development for partner companies.” Therefore, the hackers warned:
“We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic), including all personal data of employees,” REvil wrote.
REvil’s words are not to be taken lightly, as the group has conducted some of the most high-impact attacks ever.
Earlier this week, JBS Foods, a global food supplier, confirmed they paid REvil $11 million in ransom after a cyberattack.
In April, the group tried to extort Apple, hours before its new product launch, demanding a whopping $50 million fee, after successfully attacking Quanta, a Global Fortune 500 manufacturer of electronics and an Apple technology supplier.
It remains to be seen how Sol Oriens will respond to REvil’s threats, as this is a developing story.