The hacker group REvil has turn into a headache for a brand new sufferer: a 50-person agency based mostly in Albuquerque, New Mexico, that consults with the federal authorities on security-related initiatives.
Sol Oriens, which consults for the U.S. Department of Energy’s National Nuclear Safety Administration, confirmed to CNBC that it grew to become conscious of the “cybersecurity incident” in May, its investigation is ongoing and legislation enforcement has been notified.
In an announcement, the corporate stated it “recently determined that an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”
Sol Oriens didn’t title the attacker or verify that it was ransomware, however CNBC has realized that the well-known hacker group REvil was answerable for the assault, in response to cybersecurity sources.
One cybersecurity agency, which has seen paperwork posted on the darkish net, instructed CNBC that they embody invoices for NNSA contracts, descriptions of analysis and improvement initiatives managed by protection and power contractors dated as not too long ago as 2021, and wage sheets containing full names and Social Security numbers of Sol Oriens staff.
Sol Oriens stated that it has “no current indication that this incident involves client classified or critical security-related information.” The firm declined to say if it paid a ransom to the attackers.
Sol Oriens, describes itself as a know-how analysis and improvement agency. A latest job posting on GlassDoor, for instance, stated it was on the lookout for a program analyst who may help the NNSA with a “complex nuclear weapon sustainment program.”
The NNSA, an company throughout the Department of Energy, is answerable for sustaining the security, safety and effectiveness of the U.S. nuclear weapons stockpile. It additionally works with the U.S. Navy on nuclear propulsion, and it responds to radiological emergencies within the United States.
A spokesperson for the Department of Energy declined to remark. A spokesperson for the National Security Council declined to remark.
REvil was most not too long ago answerable for a ransomware assault on JBS, the world’s largest meatpacker, which fetched a ransom of $11 million. In April, REvil stole and revealed blueprints from Apple provider Quanta Computer. That assault reportedly claimed a $50 million ransom.
“In some ways, Sol Oriens, LLC is just one name among many,” cybersecurity agency Intel 471 stated. “There’s no indication yet that the company was targeted because of the work it does, rather than just being another potential pay day for hackers.”
According to screenshots seen by CNBC, REvil threatened to disclose Sol Oriens’ information and documentation on its weblog.