NATO Secrets Found For Sale On The Dark Web

Uploaded on 2022-09-14 in INTELLIGENCE--Europe, GOVERNMENT-Defence, FREE TO VIEW

Portugal’s Armed Forces Ministry has suffered a cyber attack that allegedly allowed the theft of classified NATO documents, which are now being  sold on the Dark Web. The extent of the damage is still being investigated by the National Security Office, but suspicions are that a security breach facilitated the exfiltration of secret NATO documents from supposedly secure military computers.

According to sources, insecure channels were used to receive and forward the documents when the official Integrated System of Military Communications (SICOM) should have been used.

US intelligence agencies noticed the sale of stolen documents and alerted the US embassy in Lisbon, which in turn warned the Portuguese government about the data breach. “The exchange of information between allies in terms of information security is permanent at the bilateral and multilateral levels,” said a spokesperson for the Prime Minister.  “Whenever there is a suspicion of compromise of cyber security of information system networks, the situation is extensively analysed and all procedures aimed at enhancing cyber security awareness and the correct handling of information to deal with new types of threat are implemented...  Disciplinary and/or criminal law automatically determines the adoption of appropriate procedures."

The data leak comes after NATO claimed in late August that the bloc was investigating a hacking of missile firm MBDA by unknown malicious actors. According to media reports, the hackers had put blueprints of weapons used by Ukraine in its conflict with Russia on sale on the Dark Web. 

This incident is not the first time that Portugal was involved in a security breach related to NATO documents. In 2018, Portuguese intelligence officer Frederico Carvalhao Gil was convicted for spying for Russia after he was found selling classified NATO and EU documents to a Russian agent.

Diario de Noticias:    ITPro:    Bleeping Computer:     AA.com:    FarsNews:     Babel:       Portugal Resident

You Might Also Read: 

NATO & Ukraine Agree Deeper Cyber Co-operation:

 

« Securing Hybrid Identity
Five Cloud Security Mistakes Your Business Should Avoid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ReadWrite

ReadWrite

ReadWrite is a leading media platform dedicated to IoT and the Connected World.

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

Kaymera Technologies

Kaymera Technologies

Kaymera’s comprehensive mobile enterprise security solution defends against all mobile threat and attack vectors.

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Questex Asia Total Security Conference

Questex Asia Total Security Conference

Questex Asia’s Total Security Conferences is one of the industry’s most prestigious and engaging forums for the region's top information security leaders and business decision-makers.

Unit 42

Unit 42

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Forward Global

Forward Global

Forward Global designs and delivers services and technologies to manage digital, economic, and information risks.