European defense giant Naval Group has confirmed that it is investigating an alleged cyberattack that leaked sensitive data, including on the naval ships and submarines that the company builds.
Naval Group, which builds and maintains an array of ships and submarines for the French navy including aircraft carriers and nuclear submarines, said in a statement that it was “the target of a reputational attack” and that it had launched an investigation along with “Naval Group’s CERT, in close collaboration with the French authorities.”
A hacker using the moniker Neferpitou claimed on July 23 that they had been able to gain access to Naval Group’s IT systems and that it had approximately 1TB of the company’s internal data including a classified content management system, deployment documentation of submarines and frigates, technical documents of various classification levels, weapon system software, user manuals, internal communications and more.
According to Infosecurity Magazine newssite, Neferpitou offered 13GB of free data from the hack and said that Naval Group had 72 hours to make contact or that all the data would be leaked.
In the statement by Naval Group released on July 26, "all of our teams and resources are currently mobilised to analyse and verify the authenticity, origin, and ownership of the data as quickly as possible. At this stage, no intrusion into our IT environments has been detected and there has been no impact on our activities.”
France's largest shipbuilder
Naval Group is France’s largest shipbuilder with a storied 400 year history. It employs over 15,000 people in 17 different countries with a yearly revenue exceeding $5bn or €4.3bn. The two main shareholders of the company are the French state and Thales, a multinational company that specialises in aerospace, defense and security.
Naval Group has numerous international customers as well, including Brazil, Egypt, Australia, Peru, and others.
As Naval Group continues to investigate the source of the hack, there is a long history of state and non-state actors attempting to breach the defense infrastructure of militaries and defense companies to steal sensitive information.
The source code of the CMS used in the submarines and frigates, strategic assets of the French navy, would be of interest to any adversary.
Last week, China is believed to have exploited a critical vulnerability in Microsoft’s SharePoint platform. According to reports, the US National Nuclear Security Administration which is responsible for the country’s nuclear arsenal.