A supplier to a number of major defense companies — including Lockheed Martin, Boeing, General Dynamics, and SpaceX — is the target of a ransomware attack. Documents purportedly stolen from Denver-based Visser Precision Manufacturing are already showing up online, according to Emsisoft, the cybersecurity company that made the attack public.
It’s a textbook example of a type of cyber attack the Pentagon is trying to prevent: going after a defense supplier that holds sensitive data yet is small enough to lack sophisticated cyber defenses.
DoppelPaymer, the ransomware used in the alleged attack, typically steals data before encrypting it on the victim’s computer, said Brett Callow, a threat analyst for Emsisoft. In February, the group running the DoppelPaymer malware set up a website for exposing files belonging to its victims, Callow said.
“The actor has been active since the middle of last year, but has only started publishing data [stolen in the attack] in the last few days,” Callow said in an email to Defense One.
Officials with Visser, whose website says it makes “precision parts for success in major industries, from the racetrack to outer space,” confirmed to TechCrunch that it was a victim of “criminal cybersecurity incident” and had data stolen, but now its “business is operating normally.”
The group’s recent victims appear also to include Pemex, an oil company owned by the Mexican government; and defense supplier ransomware
