"Earlier in the week, Scattered Lapsus$ Hunters told us that they gained initial access to ESA's servers back in September by exploiting a public CVE, and stole 500 GB of very sensitive data. This, we're told, includes operational procedures, spacecraft and mission details, subsystems documentation, and proprietary contractor data from ESA partners including SpaceX, Airbus Group, and Thales Alenia Space, among others."
"According to a Shiny Lapsus$ Hunters spokesperson and sample files seen by The Register, the stolen goods appear to include both internal files and documents originating from contractors. This spans operational procedures, contingency plans, system capabilities and security protocols, spacecraft tolerances and failure modes, Earth Observation (EO) satellite constellation details, and other documents related to managing satellite orientation and position."
""ESA is in the process of informing the judicial authorities having jurisdiction over this cyber incident to initiate a criminal inquiry," an ESA spokesperson said via email."
The European Space Agency experienced a cyber intrusion that exploited a public CVE to gain server access in September and resulted in the theft of roughly 500 GB of sensitive data. Stolen materials include operational procedures, contingency plans, spacecraft and mission details, subsystem documentation, system capabilities, security protocols, spacecraft tolerances and failure modes, and Earth Observation satellite constellation information. Files from contractors and partners such as SpaceX, Airbus Group, Thales Alenia Space, OHB, and EUMETSAT were reportedly exfiltrated. Attackers claim the security hole remains open, and ESA is informing judicial authorities to initiate a criminal inquiry.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]