On November 5, according to information disclosed by the US defense contractor Electronic Warfare Associates (EWA), EWA was attacked by criminals, the company’s email system was compromised, and documents containing sensitive personal information were leaked. It is not possible to confirm whether classified government documents have been leaked.
According to the information, electronic Warfare Associates (EWA) is a provider of high-tech defense hardware and software solutions for communications, access control, simulation, training, management, testing and surveillance systems (radar) in the United States. The company’s main customers include the US Department of Defense (Army, Navy, Air Force, DARPA, OSD), Department of Justice and Department of Homeland Security (DHS), many of which involve classified military information and are very sensitive.
Because of this, EWA has gone to great lengths to downplay the impact of the incident. In a report sent to the Montana Attorney General’s Office, EWA acknowledged the company’s breach of information as a result of the cyberattack, but stressed that the “impact was very limited.”
“According to EWA’s investigation results, on August 2, 2021, the attackers invaded the EWA email system and attempted to launch network fraud and other attacks through emails. Therefore, EWA has reason to believe that the attacker’s target is the network Fraud, not theft of personal data and information. However, in this cyber attack, some files containing personal information were inevitably leaked.”
With the assistance of a third-party cybersecurity firm, EWA found that the attackers stole private information such as the recipient’s name, social security number (SSN), and driver’s license, but could not confirm whether they stole classified government documents and military information. .
In order to ensure that employees and users do not suffer losses due to this information breach, EWA has purchased Equifax’s Complete Premier service, which provides them with free fraud detection and identity theft protection for two years.
In fact, this is not the first time EWA has suffered a cyber attack.
In January 2020, EWA suffered a ransomware attack. The web server was infected with Ryuk ransomware, resulting in the encryption of key data and information. The Ryuk ransom group demanded hundreds of thousands of dollars in ransom, causing serious economic losses to EWA.
It is reported that Ryuk ransomware mainly spreads infections through spam or exploit kits. Obviously, the EWA company that was attacked by extortion did not learn the lesson in this regard, and failed to take good security measures for emails, so that it was attacked by criminals again a few months later.
As one of the U.S. defense contractors, EWA should have fallen twice in the same place. If the military secret information is leaked, it will be a crit for EWA.