REvil hacker group assaults Sol Oriens with ransomware

Zoom In Icon Arrows pointing outwards

The hacker group REvil is giving a new victim a headache: a 50-strong company based in Albuquerque, New Mexico that advises the federal government on security-related projects.

Sol Oriens, who advises the US Department of Energy’s National Nuclear Safety Administration, confirmed to CNBC that it became aware of the “cybersecurity incident” in May, its investigation is ongoing and law enforcement agencies have been notified.

In a statement, the company said it “recently discovered that an unauthorized person acquired certain documents from our systems were involved.”

Sol Oriens did not name or confirm the attacker was ransomware, but CNBC learned that the well-known hacker group REvil was responsible for the attack, according to cyber security sources.

A cybersecurity firm that has seen documents posted on the dark web told CNBC that they include bills for NNSA contracts, descriptions of research and development projects managed by defense and energy entrepreneurs through 2021, and full names and social security payslips Sol Orients employees security numbers.

Sol Oriens said there was “no current evidence that this incident was classified or critical security information from customers.” The company didn’t want to say whether it paid a ransom to the attackers.

Sol Orients describes itself as a technology research and development company. For example, a recent job posting on GlassDoor said it was looking for a program analyst who could help the NNSA with a “complex nuclear conservation program.”

The NNSA, a Department of Energy, is responsible for maintaining the safety and effectiveness of US nuclear weapons stocks. It also works with the U.S. Navy on nuclear propulsion and responds to radiological emergencies in the United States.

A spokesman for the Department of Energy declined to comment. A spokesman for the National Security Council declined to comment.

REvil was most recently responsible for a ransomware attack on JBS, the world’s largest meatpacker, which brought in a ransom of $ 11 million. In April, REvil stole and released blueprints from Apple supplier Quanta Computer. This attack allegedly requested a $ 50 million ransom.

“Sol Orients, LLC is, in a way, just one name among many,” said cybersecurity firm Intel 471. “There is still no indication that the company has been targeted for its work and is not just another potential payday for hackers . ”

According to screenshots from CNBC, REvil threatened to divulge the Sol Orients data and documentation on its blog.

Comments are closed.