
Re: None

Sunday, 04/12/2020 10:02:46 AM


Post# of 249148
Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay

https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/

Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs

Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.

The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment – such as the specifications for an antenna in an anti-mortar defense system – according to a Register source who alerted us to the blueprints.

Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.

The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang – which tends to demand hundreds of thousands to millions of dollars to restore encrypted files – uploaded a selection of the documents to a website that remains online and publicly accessible.

Visser is a manufacturing and design contractor in the US whose clients are said to include aerospace, automotive, and industrial manufacturing outfits – think Lockheed Martin, SpaceX, Tesla, Boeing, Honeywell, Blue Origin, Sikorsky, Joe Gibbs Racing, the University of Colorado, the Cardiff School of Engineering, and others. The leaked files relate to these customers, in particular Tesla, Lockheed Martin, Boeing, and SpaceX.

When asked about the dump, a Lockheed Martin spokesperson told us: "We are aware of the situation with Visser Precision and are following our standard response process for potential cyber incidents related to our supply chain.

"Lockheed Martin has made and continues to make significant investments in cybersecurity, and uses industry-leading information security practices to protect sensitive information. This includes providing guidance to our suppliers, when appropriate, to assist them in enhancing their cybersecurity posture."

Visser Precision did not respond to a request for comment on the leak. Tesla, SpaceX, and Boeing did not respond either.

This is not the first time the DoppelPaymer crew has publicly shared stolen confidential data after a victim failed to pay the ransom demands. In fact, the crooks have a regularly updated website full of internal documents belonging to organizations that didn't cough up, though admittedly most are significantly less interesting than the Visser Precision cache.

The dumps are intended to scare others who are infected with the ransomware into paying the group's demands. The Register will not be linking to the site.

For what it's worth, the DoppelPaymer gang vowed to lay off attacking hospitals during the coronavirus pandemic. Whether or not this promise was honored is another question.

While law enforcement agencies and security experts uniformly agree that paying a ransom demand is a bad idea and poor substitute for keeping offline backups and properly securing data, some experts have conceded that, when it's your corporate data on the line, caving in and paying up can be an option. ®
==================================================================
SEDs should be the standard in at least critical industries to STOP ransomware!!! SEDs and Wave SED management could protect organizations from ransomware!!! Wave solutions could prevent the costs and stress associated with the ransomware for organizations. This article is highly alarming for organizations refusing to pay the ransom which the government recommends.
==================================================================
https://www.wavesys.com/products/wave-self-encrypting-drive-management

Enterprises choose Wave to manage SEDs

Why? From our single console, you can manage all your organization’s self-encrypting drives (SEDs) easily and remotely, whether they number in the hundreds, or hundreds of thousands.


SEDs are the most secure, best-performing and most transparent encryption option for protecting data on laptops. These drives automatically encrypt all data written to the drive, so you don’t have to decide what’s important enough to encrypt. They also perform this encryption in the hardware of the drive, so you don’t end up with the performance issues software full-disk encryption is infamous for. SEDs are available as HDD or SSD, and are sold by most major drive manufacturers.

Wave’s management solution delivers remote drive initialization, user management, drive locking, user recovery and crypto-erase for all Opal-based, proprietary and solid-state SEDs.

Easy proof of compliance

Your encryption is only as good as you can prove it to be. To comply with most data protection regulations, your organization has to prove encryption was in place at the time of a potential breach. Wave provides secure audit logs to help you demonstrate compliance.

If you lose a device with a Wave-managed SED, there’s no wondering or guessing. You know encryption was on by default, and you can prove it.

No vendor lock-in

SED technology was created and standardized by a consortium of the best in the infosec industry, a standards body called the Trusted Computing Group (TCG). This means you can buy your drives wherever you want, from whatever vendor you want—any SED built to the TCG’s Opal specification can be managed by Wave.

No SEDs yet? No problem.

If your organization hasn’t yet deployed SEDs, you can skip the process of retro-fitting and simply incorporate SEDs on all new laptops as part of your regular refresh cycle. In the meantime, the same Wave console can manage BitLocker and SEDs, so you can protect the devices you have now with BitLocker and add those with SEDs as they are deployed. And if you’re using Wave’s cloud platform, you can also support OSX FileVault2.

Pick your platform

Wave SED management is available via the cloud or on-premise servers. Ask us for more details about which platform is right for your deployment.

Key Features:

Easy security compliance
• Active monitoring, logging and reporting of all user and device events

Data protection
• Local changes are prohibited
• Drive locking is supported in sleep or standby (S3) modes
• Manage clients inside or outside the firewall and on non-domain machines

Simplicity
• Everything is automatically encrypted—users don’t have to identify which data is sensitive
• Windows password synchronization and single sign-on
• Add or remove users remotely
• MMC snap-in is familiar and easy—less administrator training
• Role management allows delegation of tasks with customized or predefined roles.

No compromises
• Encryption is completely transparent to your users—they won’t even notice it's there
• Customizable pre-boot message at authentication screen