Dutch military, police tech supplier hacked; Confidential info online
Abiom, a company that supplies communication technology to the Dutch Ministry of Defense and police, was hacked. Ransomware group LockBit posted internal documents online, including confidential communications with governments, in an attempt to force Abiom to pay a ransom, the Volkskrant reports after seeing the data leak.
So far, Abiom does not seem to have paid a ransom. The newspaper could not reach the company for comment. Abiom supplies the technology for the C2000 network, which the Dutch emergency services and security services use to communicate with each other. C2000 is considered part of the Dutch critical infrastructure. Abiom also supplies the Ministry of Justice and Security, security regions, hospitals, the tax authorities, and the navy.
The documents published online by the ransomware attackers include invoices of more than a million euros to the police, executives' personal data, various agreements with foreign governments and companies, copies of passports, and details of equipment placed with the police and defense units. The stolen data set consists of 39 thousand internal documents, some of which were published online.
The published data can be used for other criminal activities, ranging from corporate espionage to phishing emails. "If this type of data is published on ransomware websites, you by definition lose grip on confidentiality. You can assume that sensitive data will continue to roam around,' Matthijs Koot, a security expert at security company Secura, said to the Volkskrant.
He said that the police and National Cyber Security Center should be monitoring these types of ransomware sites. "After all, you want to be informed as soon as possible if your own suppliers are victims of a hack," Koot said.