NATO is "actively addressing" various IT security breaches after a hacktivist group claimed it accessed some of the military alliance's websites once more, this time acquiring over 3,000 files and 9GB of data.
When questioned about the suspected intrusion, a NATO official declined to answer specific questions and stated that: "NATO is facing persistent cyber threats and takes cyber security seriously. NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites. Additional cyber security measures have been put in place. There has been no impact on NATO missions, operations and military deployments."
On Sunday, the SiegedSec team claimed to have broken into six NATO web portals: the alliance's Joint Advanced Distributed Learning e-learning website; the NATO Lessons Learned Portal, from which the gang claimed to have stolen 331 documents; the Logistics Network Portal (588 documents and other files); the Communities of Interest Cooperation Portal (207 documents); and the NATO Standardisation Office (2,116 documents).
The hacktivists, who call themselves "gay furry hackers," mainly target government organisations whose policies they disagree with and have a tendency for political PR stunts, also shared a link to the allegedly stolen files on their Telegram channel.
"The astonishing siegedsec hackers have struck NATO once more!!1!!!," the crew wrote, bragging: "NATO: 0. Siegedsec: 2."
The hacking group is referring to its previous NATO infiltration in July, when it claimed to have stolen material from 31 countries and exposed 845MB of data from the alliance's Communities of Interest (COI) Cooperation Portal.
Despite the fact that it doesn't include any classified information, this website is used by NATO organisations and member nations. And yes, SiegedSec claims to have broken into one of the portals again towards the end of September.
Threat intelligence firm CloudSEK analysed the exposed material from the previous hack and discovered at least 20 unclassified documents and 8,000 personnel records with names, firms and units, working groups, job titles, business email addresses, home addresses, and images.
To put it another way: essentially everything a spy, would-be identity thief, doxxer, social-engineering campaign coordinator, or plain old troll would want for potential fraud, phishing, espionage, or other types of general havoc.