You may have recently heard that JBS, the largest meat supplier in the world, was hit by a cyberattack. JBS ended up shilling out $11 million to REvil, the hacker group apparently behind the attack. Now the same hacker group has reportedly targeted a nuclear weapons contractor in the US.
REvil strikes again
The contractor, called Sol Oriens, consults for the US Department of Energy’s National Nuclear Safety Administration (NSSA), and is self-described as a tech development and research firm. The firm has a nuclear focus and has, according to CNBC, released a job posting looking for a program analyst to help with a “complex nuclear weapon sustainment program.”
The posting goes on to explain the “Position Responsibilities: Planning and managing nuclear weapon life extension programs and associated stockpile management as they relate to the maintenance of a highly reliable and safe nuclear deterrent.”
Sol Oriens reported confirmed the attack to CNBC, explaining that it had become aware that “…an unauthorized individual acquired certain documents from [its] systems.” Sol Oriens is currently working with a “third-party technology forensic firm” to assess just how much data was scraped and how it was done.
Sol Oriens has not confirmed the name of the hacker group, but a cybersecurity firm told CNBC it had seen the stolen documents posted on the dark web by REvil. The documents apparently include invoices for NSSA contracts, information on Sol Oriens’ current research and projects, and salary sheets containing the full names and Social Security numbers of Sol Oriens’ employees.
It’s currently unknown whether REvil had specific intentions when targeting Sol Oriens. On the one hand, the group could have chosen the firm because of what it does. On the other, it could just be hoping for another big payout.