Leaked Data from NATO Missile Manufacturer Revealed

In July, the Adrastea threat actor group claimed that it had stolen up to 60GB of sensitive data from MBDA, an American missile company organized in Delaware which is currently the world’s second-largest missile manufacturer.

Upon publication of the stolen data, at the time on sale for (1) BTC on Russian forums, MBDA vehemently denied the claims. The company released several press reports saying that: “MBDA is refuting the alleged hacking, of the company’s information systems, and has filed a report with the police of an attempt to blackmail the company.” The series of statements went on to say that there was no hack, but rather information was stolen via hard drive, then posted on line.

Cyber-security researchers at CloudSEK, a contextual AI company specializing in predicting cyber threats, conducted a study that allowed them to obtain some of the stolen files.

CloudSEK confirmed that the stolen files included personally identifiable information (PII), standard operating procedures (SOPs) of NATO counterintelligence teams, and internal sketches of cabling diagrams of missile systems. According to the CloudSEK publication, information leaked included:

  • Confidential PII of MBDA’s employees
  • Military sketches
  • Documents underlying NATO’s requirements
  • SOPs describing NATO’s Intelligence functions
  • Employees who took part in the closed Military projects of MBDA (PLANCTON, CRONOS, CA SIRIUS, EMADS, MCDS, B1NT, etc.)
  • Documentation of activities tying the MBDA to the Ministry of Defense of the European Union including:
    • Drawings and presentations
    • Video and 3D photo materials
    • Design documentation of the air defense, missile systems of coastal protection
    • Contract agreements and correspondence with the other players in the defense industry such as Rampini Carlo, Netcomgroup, Rafael, Thales, ST Electronics, etc.


While CloudSEK classified the security lapse as an “Unpatched Security Vulnerability “, it did not publish whether the information system itself was hacked or if the company’s story regarding the hard drive was to blame. Either way, this volume of information concerning a NATO arms manufacturer being up for sale to the highest bidder is troubling and showcases the need for stronger cyber safeguards among government contractors. CloudSEK also made the recommendation for companies to monitor ransomeware forums in order to observe prevalent tactics and procedures used by these criminals.


United States Military Academy and American Military University Alumni. Victor covers flash military, intelligence, and geo-political updates.


Taiwan to Begin Manufacturing Loitering Munitions

The Taiwanese Ministry of National Defense has allocated funding to begin producing local loitering munitions after defense officials stated that the number of drones purchased from the US is...

Suspected Militants Escape High Security Prison in Niger

On July 11th, an unknown number of assailants escaped from Niger's Koutoukale prison in Tillaberi region, the nation's only high-security prison, which according to local press, holds "terrorist leaders...