The hacker group REvil has become a headache for a new victim: a 50-person company based in Albuquerque that consults with the federal government on security-related projects.
Sol Oriens, which consults for the U.S. Department of Energy’s National Nuclear Security Administration, confirmed to CNBC that it became aware of the “cybersecurity incident” in May, its investigation is ongoing and law enforcement has been notified.
In a statement, the company said it “recently determined that an unauthorized individual acquired certain documents from our systems. These documents are currently under review, and we’re working with a third-party technological forensic company to determine the scope of potential information that may have been involved.”
Sol Oriens didn’t identify the attacker or confirm that it was ransomware, but CNBC has learned that the well-known hacker group REvil was responsible for the attack, according to cybersecurity sources.
One cybersecurity company, which has seen documents posted on the dark web, told CNBC that they include invoices for NNSA contracts, descriptions of research and development projects managed by defense and energy contractors dated as recently as 2021 and wage sheets containing full names and Social Security numbers of Sol Oriens staff.
Sol Oriens said that it has “no current indication that this incident involves client classified or critical security-related information.” The company declined to say if it paid a ransom to the attackers.
Sol Oriens describes itself as a technology research and development company. A current job posting on GlassDoor, for instance, said the company was looking for a program analyst who could assist the NNSA with a “sophisticated nuclear weapon sustainment program.”
The NNSA, an agency within the Department of Energy, is responsible for maintaining the safety, security and effectiveness of the U.S. nuclear weapons stockpile. It also works with the U.S. Navy on nuclear propulsion, and it responds to radiological emergencies throughout the U.S.
A spokesperson for the Department of Energy declined to comment. A spokesperson for the NSC declined to comment.
REvil was most recently responsible for a ransomware attack on JBS, the world’s largest meatpacker, which fetched a ransom of $11 million. In April, REvil stole and published blueprints from Apple supplier Quanta Computer. That attack reportedly claimed a $50 million ransom.
“In some ways, Sol Oriens, LLC is just one name among many,” cybersecurity company Intel471 said. “There is no indication yet that the company was targeted because of the work it does, rather than simply being another potential pay day for hackers.”
According to screenshots seen by CNBC, REvil threatened to reveal Sol Oriens’ information and documentation on its blog.