Royal ransomware group added Mainstream Engineering, a NASA and the US Department of Defence contractor, to its victim list. Mainstream Engineering is a US-based research and military end-user product manufacturing company.
Prominent government agencies and global organizations are suspected to be impacted by this alleged Mainstream engineering cyberattack.
NASA and DoD contractor: A Royal hit
Mainstream Engineering is a leading research and development (R&D) firm that specializes in converting advanced thermal control and energy conversion technology into high-quality and cost-effective commercial products.
Its areas of proficiency encompass heat transfer, fluids, thermodynamics, mechanics, chemistry, nanotechnology, and power.
By means of externally-funded R&D programs, Mainstream is currently offering solutions to the Department of Defense, NASA, the U.S. Department of Agriculture, the U.S. Department of Energy, and the U.S. Department of Transportation among others.
The Royal ransomware group claimed to have nearly 735 GB of company data from the alleged NASA and DoD contractor’s attack.
The files contain personal data of clients and employees, projects, drawings, internal documents, etc., according to the group’s leak site post.
The leak site post made on March 9, 2023, further read that the company has 128 employees and a revenue of 267 million.
The Cyber Express contacted Mainstream Engineering for comment, however, is yet to receive a response. The website noted on the ransomware post of Royal ransomware was accessible at the time of writing.
What next after NASA and DoD contractor attack
NASA and DoD contractors attacked by the Royal ransomware group is one among the several incidents clouding global organizations.
Government agencies, defense agencies, and organizations were targeted strategically by several Russian and other cybercriminal groups in the past few decades.
A hike of up to 95% was witnessed in cyberattacks aimed at government bodies in 2022. Among the most targeted nations were the United States of America, Indonesia, and China which were subjected to nearly 40% of cyberattacks.
March 2023 witnessed large-scale cyberattacks on organizations including –
- The French National Assembly was attacked with a DDoS for its support for Ukraine.
- The German defense firm, Rheinmetall was targeted with a DDoS attack.
- S. Federal Agency was attacked exploiting a vulnerability in Microsoft Internet Information Services (IIS) by a Vietnamese espionage group.
- An East Asian data protection company serving the military and government entities was attacked by a Chinese cyberespionage group for a year.
- S. and European politicians, businesspeople, and celebrities were targeted by Russian hackers with social engineering campaigns for publicly denouncing Vladimir Putin.
A large number of groups are cropping into the dark web in the name of hacktivism attacking entities that do not align with their political beliefs. Affiliates are hired, software developed, and malware sold to increase attacks.
Royal ransomware, NASA, and DoD Contractor attack
(Photo: VMware)
Royal ransomware, which attacked the NASA and DoD contractor, gain access by exploiting vulnerabilities which stress the need to maintain cybersecurity starting with updating devices. They target companies and countries across the globe that are both small and large scale.