December 6, 2023 at 12:22PM
Austal USA, an American subsidiary of an Australian shipbuilding company, confirmed a cyberattack, presumably by Hunters International ransomware group, who leaked data online. Quick mitigation prevented operational impact. No personal or classified data was compromised. Investigations by FBI and NCIS are ongoing. The company continues to assess the incident.
Meeting Takeaways:
1. **Cyberattack Confirmation:** Austal USA has confirmed that it suffered a cyberattack and is currently investigating the incident’s impact.
2. **Cyberattack Details:**
– The company stated that it quickly mitigated the incident, ensuring no interruption to its operations.
– No access to personal or classified information was reported by the company.
– Regulatory authorities, such as the FBI and NCIS, have been informed and are involved in the ongoing investigation.
3. **Threat Actor – Hunters International:**
– Hunters International, a ransomware and data extortion group, claimed responsibility for the breach.
– They have threatened to release more stolen data in the coming days.
– The group is believed to be a rebrand of the Hive ransomware gang, based on similarities in malware code, although they deny this connection.
– Hunters International’s current focus is on data theft and extortion, rather than encryption.
– They currently list multiple victims across various sectors and regions on their data leak site.
4. **Company’s Response:**
– Austal USA emphasizes the seriousness of the incident and recognizes its responsibility as a DoD and DHS contractor.
– They are committed to fully understanding the incident to prevent future occurrences.
5. **Operational Background:**
– Austal USA is a subsidiary of the Australian-based Austal and a contractor for the U.S. DoD and DHS.
– They specialize in aluminum vessels and hold contracts for building naval ships and patrol cutters, totaling billions of dollars.
6. **Operational Security Concerns:**
– Although details of the cyberattack’s full extent are still under assessment, the company has not publicly said whether engineering schematics or other proprietary U.S. Navy technology were accessed.
Action item: Continue to monitor for updates from Austal USA regarding the investigation and any potential impacts on stakeholders. Keep a lookout for additional information about the stolen data that the threat actor may publish. Coordinate with relevant security personnel to review and potentially enhance cybersecurity measures in light of the incident.