Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer).
Cyble analyzed the leaked sensitive documents and reported that they include Statement of Work files, proposals, contracts, 3d designs, resumes, excel sheets containing raw materials information, and financial statements.
It is unclear if the threat actors acted for cyber espionage purposes or hacktivism, the content of the message advertising the leak suggests that it was the work of hacktivists, but we cannot exclude that it is the result of a nation-state actor.
“Based on the message body of the leak, the cyber attack indicates hacktivism, but last year, around May 23, 2019, UK warned NATO allies of hacking activities of Russia -> Link. Also, in September 2020, it was reported that Russian hackers targeted government agencies in NATO member countries, and nations who cooperate with NATO -> Link.” reads the post published by Cyble. “These events ensue an unsatisfying narrative – Is it really hacktivism or cyber espionage?”
The availability of sensitive documents like the ones discovered by the experts could allow threat actors to gather intelligence on potential targets and use the leaked information to carry out spear-phishing campaigns.
Cyber researchers are still investigating the data leak and will provide updates on the story.
(SecurityAffairs – hacking, NATO)