Friday, March 17, 2023

SpaceX Contractor Allegedly Breached

 LockBit leaves a message for Elon Musk


By Dominic Alvieri
March 17, 2023
Twitter @AlvieriD



SpaceX contractor allegedly breached.


To breach a contractor. That is in one sense a back door into a companies product or service without hacking into the company itself. This perfect example is the alleged breach of Maximum Industries from Texas. Maximum is a precision manufacturer and AS-9100 certified meaning their parts can be and are supplied to the aerospace industry. AS-9100 is a management standard for manufacturers in the aerospace industry supply chain.

LockBit posted Maximum Industries earlier in the week with an explicit message to Elon Musk. Last night LockBit posted alleged evidence composing of a mutual non-disclosure agreement and "certified" SpaceX drawings. 

LockBit message to Elon in the post below.




LockBit post.



Elon Musk is possibly the number one target in the world. So are his companies and their suppliers.

LockBit claims upwards of 3,000 SpaceX drawings. Catching up with several in the know each one product may have 100 or more drawings with variations and modifications fit to scale so the actual number of products compiled in any LockBit claim would have to be reduced significantly.

What is it worth?


Hard to say without additional evidence, and I'm not in the rocket parts market but there has to be some value to any and all competitors. The part in question does not seem high tech per se but neither is a pencil until you need to write something down. Remember writing?

Is that a 2019 model rocket in your garage?



Mutual non-disclosure agreement


This is tricky. Under normal business disclosure by either side would void the agreement. What are the legal ramifications? I am not a lawyer but did speak with one under the condition of anonymity and was advised not to comment on this. So much for hindsight.

Anyone could have made that copy of the alleged NDA btw. The alleged document is cutoff, unsigned and unverified at the moment. If it was authentic copies would be available to forensically match what was shown including handwriting analysis if needed. 

What happens when a ransomware group discloses an NDA?


This is the current situation. Once again I am not a lawyer and you a reading a free cybersecurity blog so no legal advice. This one is playing out live now.

"...SpaceX contractors were more talkative"

Analyzing this statement would lead one to believe that LockBit might have contractor emails. Take that with a bit of salt. A bit of salt. Cyber dork.





Neither company has made any comment as of this writing and I don't expect Elon Musk to respond to my tweet. Oh well, cyber goes on.

The deadline is Monday pending further drama this weekend.







The Cyber Show

Happy Saint Patrick's Day

@AlvieriD

at No comments:
Labels: , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)

Typosquatting with Mikhail

The Infrastructure Boss by Dominic Alvieri April 10th, 2024 @AlvieriD What does a former Boris Yeltsin era Defense Minister for the Russian ...