Comment from SOTI on cyber attack on Thales by LockBit 3.0: What countermeasures are possible?

November 21, 2022

In late October, defense contractor Thales suffered a cyberattack by Russian-language hacker group LockBit 3.0, which had announced that “all available [captured] data” would be released by Nov. 7 unless a ransom was paid. On Nov. 11, LockBit 3.0 finally released hundreds of internal company documents because Thales did not pay a ransom.

For its part, the French electronics company, which specializes in aerospace, defense and security, asserted that it had not received a ransom demand and launched an internal investigation. The company “has not detected any intrusion into its information systems.” The latter states “that it is the illegal publication of group-related data” and claims that the source of the leak is probably the compromised user account of an online collaboration website with a partner.
Although the data released by LockBit 3.0 on the dark web is not related to defense or military programs of Thales, this raises the question of IT security in a crucial way. How could this have been prevented? Depending on the case, there are several possibilities:

If the compromise was from a mobile device (iOS & Android), a secure mobile browser would have allowed device users to access the corporate intranet via an encrypted connection on their device.

If the hack came via a USB stick or malicious hard drive, there are tools that can be used to disable the connection to USB ports.

In this case, if a password was hacked, multi-factor authentication could have blocked this attack.

Finally, a kiosk mode to restrict access could have limited the leaks.

Related Articles

CES 2025: Everything is digital

CES 2025: Everything is digital

Marketplace for innovations with significance for Europe and the IT security industry A global showcase for innovations With over 170,000 attendees from more than 150 countries and an exhibition area far larger than several football pitches, CES is a unique...

The Academisation of Society and the Shortage of Skilled Workers

The Academisation of Society and the Shortage of Skilled Workers

The security industry is increasingly suffering from a shortage of skilled workers and young talent, which poses a significant challenge. This situation may be linked to the ongoing academisation of society and the associated structural changes in the labor market. In...

Share This