Comment from SOTI on cyber attack on Thales by LockBit 3.0: What countermeasures are possible?

November 21, 2022

In late October, defense contractor Thales suffered a cyberattack by Russian-language hacker group LockBit 3.0, which had announced that “all available [captured] data” would be released by Nov. 7 unless a ransom was paid. On Nov. 11, LockBit 3.0 finally released hundreds of internal company documents because Thales did not pay a ransom.

For its part, the French electronics company, which specializes in aerospace, defense and security, asserted that it had not received a ransom demand and launched an internal investigation. The company “has not detected any intrusion into its information systems.” The latter states “that it is the illegal publication of group-related data” and claims that the source of the leak is probably the compromised user account of an online collaboration website with a partner.
Although the data released by LockBit 3.0 on the dark web is not related to defense or military programs of Thales, this raises the question of IT security in a crucial way. How could this have been prevented? Depending on the case, there are several possibilities:

If the compromise was from a mobile device (iOS & Android), a secure mobile browser would have allowed device users to access the corporate intranet via an encrypted connection on their device.

If the hack came via a USB stick or malicious hard drive, there are tools that can be used to disable the connection to USB ports.

In this case, if a password was hacked, multi-factor authentication could have blocked this attack.

Finally, a kiosk mode to restrict access could have limited the leaks.

Related Articles

Bitkom awards 15 new smart schools

Bitkom awards 15 new smart schools

Total network grows to 116 pioneering schools for digital education Green Smart Schools also awarded for digitalisation and sustainability for the first time Digital school and teaching concepts, a fast and reliable digital infrastructure, teachers with digital...

One in two fears misuse of their personal data

One in two fears misuse of their personal data

ESET survey sheds light on internet users' biggest concerns and their protective measures Identity theft and misuse of personal data are the biggest concerns for almost half of internet users, according to a representative ESET survey. In second and third place come...

100 Years of Hyperinflation: the 100,000,000,000 Mark Banknote

100 Years of Hyperinflation: the 100,000,000,000 Mark Banknote

Extreme devaluation of money 100 years ago in the German Reich Highest banknote put into circulation was worth 100 trillion marks Fourfold increase in staff at the Reichsdruckerei, the predecessor of the Bundesdruckerei Additional land and buildings rented for the...

Share This