British mesh fencing systems manufacturer Zaun recently disclosed a LockBit ransomware attack that potentially jeopardized data related to UK military and intelligence sites. The company specializes in high-security perimeter fencing products used by prisons, military bases, and utilities.
Although the ransomware attack didn’t result in data encryption or service interruptions, LockBit managed to exfiltrate data from Zaun’s network, including historic emails, orders, drawings, and project files. Fortunately, no classified documents were believed to be stored or compromised. However, the stolen data has been made public on the internet, posing potential risks to UK military, intelligence, and research bases.
The cyberattack occurred in early August but was only revealed in a data breach notice on September 1. Zaun originally thought its cybersecurity software had thwarted the data transfer during the attack, but it later confirmed that LockBit managed to download some data.
Zaun emphasized that its fencing products are typically on public display and used to separate the public from secure assets, indicating that the attackers would gain no advantage from the compromised data. Nevertheless, the incident highlights the potential risks posed by cyberattacks on critical infrastructure suppliers like Zaun.
LockBit, which operates under the Ransomware-as-a-Service (RaaS) model, has been active since at least 2020 and was responsible for a significant portion of ransomware attacks observed in multiple countries, receiving substantial ransom payments.
The attack on Zaun is noteworthy as it showcases the interconnectedness of IT and physical security and raises concerns about the impact of such incidents on critical infrastructure.
WithSecure cybersecurity advisor Paul Brucciani emphasized that by undermining IT security, cybercriminals can also undermine the physical security of customers, highlighting the significance of such attacks.