Earlier this month, his week, the cyber threat group Hunters International claimed that it hacked Austal USA – the subsidiary of the Australian shipbuilding company Austral – and stole unspecified data. Austal USA, which is based on Blakeley Island in Mobile, AL, operates under a Special Security Arrangement that allows it to work independently and separately on some of the most sensitive United States defense programs despite its foreign ownership.
Austal USA holds multiple U.S. Navy orders, including a supply contract to build section modules for new nuclear submarines. It is the builder of the Independence-class Littoral Combat Ships (LCS) for the U.S. Navy. It also has an active $3.3 billion contract to build 11 patrol cutters for the United States Coast Guard (USCG).
In a list of new victims posted on its Dark Web site over the weekend, the hacking consortium Hunters International claimed to have obtained data from Austal’s U.S. operation.
Austal Responds to Cyber Breach
On Wednesday, Austal USA confirmed the attack.
“Austal USA recently discovered a data incident. We were able to quickly mitigate the incident resulting in no impact on operations,” the company said in a statement, as first reported by BleepingComputer.com.
“Regulatory authorities, including the Federal Bureau of Investigation (FBI) and Naval Criminal Investigative Service (NCIS) were promptly informed and remain involved in investigating the cause of the situation and the extent of information that was accessed,” the statement added. “No personal or classified information was accessed or taken by the threat actor. We are working closely with the appropriate authorities and will continue to inform any stakeholders impacted by the incident as we learn new information.
“Austal USA recognizes the seriousness of this event and the special responsibility we have as a DoD and DHS contractor. Our assessment is on-going as we seek to fully understand this incident so that we can prevent a similar occurrence.”
Hunters International – What We Know
The hacking group dubbed Hunters International is reported to have been formed by members of the notorious Hive ransomware group, which was disbanded by the FBI in collaboration with European law enforcement agencies in January this year.
Hive is believed to have been highly successful, having stolen over US$100 million in ransomware payments and a list of over 1,500 victims.
Hunters International claimed in October to have no direct ties to Hive and instead claimed it had only bought the former hacking group’s code and improved on it. The new hacking unit has been focused on stealing data, and then using it to blackmail or pressure the victim.
It has shown considerable audacity – including earlier this year after it hacked a Beverly Hills plastic surgery clinic and released confidential photos of several patients, while it noted that it had another 250,000 files from the same business.
“It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to another group, Hunters International,” Bitdefender technical solutions director Martin Zugec told the Australian-based news outlet Defence Connect.
Latest Troubles For Austal
This is not the first time that Austal has been the victim of a cyberattack, and the Australian parent company of the Perth-based shipbuilder suffered a ransomware attack back in 2018. Experts have warned that the theft of some of Austal USA’s data could impact the company, but also the U.S. Navy.
This is just the latest trouble for Austal USA this year.
Earlier this year, three of its executives were charged by the Securities and Exchange Commission (SEC) for accounting fraud. That included Austal USA’s former president, Craig D. Perciavalle, its then-current director of financial analysis, Joseph A. Runkel, and former director of the Littoral Combat Ships program, William O. Adams.
