back to article Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet

The Clop ransomware gang claims to have stolen documents from aerospace giant Bombardier’s defense division – and has leaked what appears to be a CAD drawing of one of its military aircraft products, raising fears over what else they’ve got. Over on their Tor hidden service, the cyber-extortionists published what they said …

  1. Anonymous Coward
    Anonymous Coward

    What on Earth is an Accellion and why would anyone use it or pay for it when there’s SFTP? Just asking for trouble.

    1. Doctor Syntax Silver badge

      Price and worth are easily confused by some people. sftp, scp and the like are free, therefore worthless. Much better to use something paid for.

      1. OhThatGuy

        The reason for this can be that in case of problems, you have someone to go after. With free SW you have to have competence in-house to look after it, it isn't free as in free of maintenance.

    2. AOD
      Alert

      Not the voice of experience speaking...

      Whilst I haven't worked with Accellion itself there are plenty of other similar file transfer/workflow type packages out there.

      Why not SFTP you cry? Well for one thing, these platforms tend to offer lots of features that companies find genuinely useful without having to roll their own and usually support various different transfer/authentication options *including* SFTP, IP address whitelisting etc.

      Maybe you want to push files to a remote server, perhaps you wish to be able to see the time and date that a client logged in to pull their files. Perhaps the recipient requests that certain files be retransmitted because they had a processing issue on their side.

      None of the above is hideously complex, but it is non-trivial if you want it to work well and not have an interface that stinks.

      1. CrackedNoggin

        Re: Not the voice of experience speaking...

        OK ---- but their interface did have a vulnerablity, as the article states. https://www.accellion.com/company/press-releases/accellion-provides-update-to-recent-fta-security-incident/ . Twenty year old software, apparently, whatever that means.

        1. Phil O'Sophical Silver badge

          Re: Not the voice of experience speaking...

          but their interface did have a vulnerablity,

          ssh/sftp has had several such, over the years. Commercial software isn't necessarily better, but it isn't necessarily worse, either.

    3. Potemkine! Silver badge

      From Wikipedia

      Accellion, Inc. is a Palo Alto, California-based private cloud solutions company focused on secure file sharing and collaboration

      Woops.

      From Accelion's website:

      Avoid OneDrive Sharing Pitfalls

      5 Key Safeguards to Prevent a Data Breach Following Your Office 365 Rollout

      Protect your intellectual property, demonstrate compliance, and reap the full benefits of Office 365.

      Re-woops.

      1. WhereAmI?

        We used to use (past tense) Accellion. We dropped it because it was expensive and a PITA to keep under proper control.

    4. Korev Silver badge

      >What on Earth is an Accellion and why would anyone use it or pay for it when there’s SFTP?

      Most Commentards would be able to use SFTP with ease; however, I suspect many "normal" people would struggle with the command line. Most GUI wrappers seem pretty clunky TBH*

      *feel free to suggest nice ones if I'm wrong

      1. Peter Gathercole Silver badge

        Flexible use of SFTP

        There are full filesystem interfaces that use SFTP as a transport layer. It's quite impressive, although I would guess that it's not the most efficient means of transferring files.

        All things like this are possible over more simple protocols. Anyone remember Archie?

  2. Claptrap314 Silver badge

    Huh. Someone seems to have compromised a service supplied by a third party...

    That's like super, super rare. Hardly ever happens. I've not seen anyone else with such a problem. Not even once.

  3. Pascal Monett Silver badge

    One thing is for sure

    The 2030's is going to see company network security beefed up by a large margin.

    There have been so many high-profile hacks since a few years, I cannot imagine that the security industry isn't feeling a major kick in the rear and is going to react in a big way.

    At least, I hope so, or God save our data because we won't be able to.

    1. Peter Gathercole Silver badge

      Re: One thing is for sure @Pascal

      Are you really thinking it's going to take at least 9 more years at least to achieve this? Or did you mean the 2020s?

      1. lglethal Silver badge
        Trollface

        Re: One thing is for sure @Pascal

        He's being realistic about how long the Board will need to approve the budget request....

  4. shortfatbaldhairyman

    Security vs Ease of Use? A losing if not lost battle.

    Sacrificing security for (perceived?) ease of use is what it is. And, ease of use is easy to understand, security never is. So, ALWAYS, ease of use.

  5. Potemkine! Silver badge

    Heard recently:

    - Our policy is to not externalize sensitive documents.

    - Nah, now you will use OneDrive and Sharepoint 365.

    - And where are the documents stored?

    - Hmmm.. I don't know. But OneDrive is so easy and practical! Use OneDrive, it's an order.

    1. DwarfPants

      OneDrive - In the sand, I am not being very helpful am I

      https://youtu.be/yBKcr1lM3rQ

  6. TeeCee Gold badge
    Black Helicopters

    The Clop ransomware gang..

    ..now high on the target list of the CIA, MI6, Mossad and all sorts of other agencies lacking aversion to "wet work".

    Wouldn't want to be one of them right now.

    1. Version 1.0 Silver badge

      Re: The Clop ransomware gang..

      It would be crazy to think that if a ransomware hacker has found the information then nobody else ever did first.

      1. Alan Brown Silver badge

        Re: The Clop ransomware gang..

        It would be crazy to think that a ransomware skiddie won't give up whoever passed it to them for resale too, when faced with rubber hose interrogation techniques

  7. Colin Bull 1
    Happy

    Easy peasy

    Yesterday I set up ftp from my Synology NAS to my 7 year old STB in 5 minutes with a GUI. Now it is set up it is pretty much drag and drop. Total hardware cosr £180, software cost nil.

    1. Peter Gathercole Silver badge

      Re: Easy peasy @Colin

      Really? FTP?

      Raw FTP has been on the no-no list for at least 20 years.

      That really is making your data vulnerable because of no cross-network encryption and plain text passwords.

      Or are you using FTP-S or SFTP, or maybe running it through an encrypted tunnel?

      1. MrReynolds2U Bronze badge

        Re: Easy peasy @Colin

        If memory serves, those NAS support several transfer methods including a few insecure ones.

        Often since the less secure methods are easier to setup, they are the ones used.

        And, yes SMB I'm looking you!

  8. Anonymous Coward
    Anonymous Coward

    CAD Models of the RADAR - really not high value

    As someone who works in the field of Airborne radars - a CAD model of the radar is not particularly high value. Probably NATO Unrestricted, but Commerically confidential is about as high a rating as it would get.

    If they have any of the documents about the Electronics of the Radar though, THEN some people will be worried. The electronic and processing specs (channels, algorithms, frequency bands, etc.) are all massive secrets at least NATO Secret if not higher, and so I doubt very much these would be on any transfer server. Thats the sort of thing people get shown on a piece of paper whilst standing in a locked office. (Not joking).

    So Bombardier are probably a bit embarrassed about being hacked, but so long as its restriced to their transfer server, they probably wont be having too many sleepless nights.

    1. conel

      Re: CAD Models of the RADAR - really not high value

      I'd echo this; the mechanical aspects of the radar - which is all that's likely to be in the CAD files - is not that important.

  9. FlamingDeath Silver badge

    Idiocracy

    It happened like this

    https://gfycat.com/conventionalunluckyalaskankleekai

    Whats the deal html links not working any more??

    Did someone draw a cock on the site and ruined it for everyone?

    1. Throatwarbler Mangrove Silver badge

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021