The hacker group REvil has grow to be a headache for a brand new sufferer: a 50-person agency primarily based in Albuquerque that consults with the federal authorities on security-related tasks.
Sol Oriens, which consults for the U.S. Division of Vitality’s Nationwide Nuclear Security Administration, confirmed to CNBC that it turned conscious of the “cybersecurity incident” in Might, its investigation is ongoing and regulation enforcement has been notified.
In an announcement, the corporate mentioned it “just lately decided that an unauthorized particular person acquired sure paperwork from our programs. These paperwork are presently beneath evaluation, and we’re working with a third-party technological forensic agency to find out the scope of potential knowledge that will have been concerned.”
Sol Oriens didn’t identify the attacker or affirm that it was ransomware, however CNBC has realized that the well-known hacker group REvil was liable for the assault, in keeping with cybersecurity sources.
One cybersecurity agency, which has seen paperwork posted on the darkish net, advised CNBC that they embrace invoices for NNSA contracts, descriptions of analysis and growth tasks managed by protection and vitality contractors dated as just lately as 2021 and wage sheets containing full names and social safety numbers of Sol Oriens staff.
Sol Oriens mentioned that it has “no present indication that this incident includes shopper labeled or essential security-related data.” The corporate declined to say if it paid a ransom to the attackers.
Sol Oriens, describes itself as a know-how analysis and growth agency. A current job posting on GlassDoor, for instance, mentioned the agency was in search of a program analyst who might help the NNSA with a “advanced nuclear weapon sustainment program.”
The NNSA, an company throughout the Division of Vitality, is liable for sustaining the protection, safety and effectiveness of the U.S. nuclear weapons stockpile. It additionally works with the U.S. Navy on nuclear propulsion, and it responds to radiological emergencies within the U.S.
A spokesperson for the Division of Vitality declined to remark. A spokesperson for the NSC declined to remark.
REvil was most just lately liable for a ransomware assault on JBS, the world’s largest meatpacker, which fetched a ransom of $11 million. In April, REvil stole and printed blueprints from Apple provider Quanta Pc. That assault reportedly claimed a $50 million ransom.
“In some methods, Sol Oriens, LLC is only one identify amongst many,” cybersecurity agency Intel471 mentioned. “There isn’t any indication but that the corporate was focused due to the work it does, moderately than simply being one other potential pay day for hackers.”
Based on screenshots seen by CNBC, REvil threatened to disclose Sol Oriens’ knowledge and documentation on its weblog.