NATO Investigates Attack on Global Missile Defense Firm

Critical data was stolen recently from a top European missile systems firm, MBDA. Nato is investigating the leak, which includes classified military documents such as blueprints of weapons used by Ukraine in the war with Russia. MBDA, whose files were stolen and now offered up on the Dark Web, said it was the victim of a ransomware attack in early August. It refused to pay the ransom, so the threat actors leaked the data online and reportedly have already sold 80G of stolen data on the Dark Web to at least one customer. The fact that a major weapons maker with offices across Europe and in the United States was subject to a double extortion cyberattack signals the severity of cyber threats focused on sensitive file exfiltration. For added perspective on the ongoing escalation of this issue, Statista reports that the number of data breaches in the U.S. alone has significantly increased within the past decade, from 662 in 2010 to more than 1,862 in 2021, which was a 68% increase over the prior year. 

This extraordinarily targeted and more sophisticated type of ransomware attack is exceptionally damaging,  whereby the hacker takes over the files by encrypting them, holds them hostage, and demands a ransom—subsequently threatening to leak the documents on the dark web if the victim does not pay up. As a result, companies everywhere must take notice. 

The good news is that there are ways to protect your organization’s data that can prevent these devastating consequences entirely.  

Rethinking Data Encryption

Data encryption is used to defend against cyberattacks, including malware and ransomware, and is at the center of all cybersecurity initiatives. However, when it comes to authentication for access, it becomes apparent that more is needed and that not all encryption is created equal. 

The fact is that reliance on Identity and Access Management (IAM) as a means to protect sensitive data adequately is a losing battle; hackers inherently have the upper hand. As soon as a bad actor gains valid credentials to an entry point, access is granted to all systems, databases, and files – just like any authenticated user. 

While the initial attack vector in the MDBA case is still not clear, it is likely that files on the external hard drive were accessed by way of breached credentials. If this were the case, the hackers would have only needed to find one set of valid credentials to gain access to MDBA’s systems, databases, and files. 

Unfortunately, this scenario is still all too common, making many companies ripe for ransomware. A data-centric security approach with multifactor encryption is the better alternative for protection from these types of attacks.

Multifactor Encryption

Multifactor encryption is a progressive technology that leverages the power of advanced encryption with the proven security concept of multifactor authentication. Rather than focusing on protecting the systems or locations that store files, multifactor encryption protects at the individual file level, which is more secure and less resource intensive than the traditional encryption solutions that many organizations currently rely on. 

With multifactor encryption’s decentralized architecture, keys are split into fragments across physical devices, eliminating the need for central key stores and passwords. Decrypting files is seamless. A user clicks on a file and then approves a notification prompt on a mobile device or through a secure, automated workflow facilitated by a key shard server. This action provides the relevant key shards to reconstitute the encryption key, which subsequently decrypts the file. Multifactor encryption allows for the highest levels of data security without sacrificing business performance and productivity. The concept is simple, but the approach completely changes how data is protected. 

For organizations like MDBA and others, multifactor encryption provides a more secure solution that achieves data-centric security everywhere data is stored. 

As crippling cybersecurity breaches continue to create global threats at the highest levels, organizations must regularly reassess their data protection strategy and prepare for the future. While data discovery, classification, and access controls help to improve visibility and control over sensitive data, this alone is not enough. The right encryption solution will ultimately protect information when all other security measures fail. By adopting a data-centric approach that includes multifactor encryption, organizations of all sizes can quickly and easily prevent becoming the victims of potentially devastating ransomware attacks.

Atakama is redefining the encryption landscape. Its decentralized, multifactor approach to cryptographic key management protects organizations from data exfiltration. With Atakama, security practitioners and end-users alike realize true data protection and unimpeded business performance. Contact us today to learn more.