Following reports by hacktivist group APT Iran that it had hacked the company, defence and aerospace giant Lockheed Martin has said it is aware of the threat actor’s claims.
“We are aware of the reports and have policies and procedures in place to mitigate cyber threats to our business,” a Lockheed Martin spokesperson told Cyber Daily.
“We remain confident in the integrity of our robust, multi-layered information systems and data security.”
APT Iran boasted on its Telegram channel on 20 March that it successfully exfiltrated 375 gigabytes of data from the company, including sensitive files related to military hardware, including:
- Technical documentation related to F-35 Block 4.
- Information on next-generation interceptor missile systems.
- Contracts and internal communications.
- Employee-related data and internal emails.
The threat actor said the data was worth hundreds of millions of dollars and that it was considering selling the data to the highest bidder.
However, these claims remain unverified at the time of writing, as the group has not published any evidence of the hack.
Earlier in March, APT Iran claimed to have successfully penetrated the Jordan Silos and Supply General Company via a phishing attack targeting one of its employees. The group said it was able to take control of temperature and moisture management systems and weight scales, raising temperatures to destroy grain stocks.
The group also claimed to have shut down inverters at a local solar power plant.
In addition, APT Iran has issued warnings to fellow travellers regarding possible compromise of Starlink devices and VPNs.
“Important notice for Starlink device users in Iran – this tool has fallen into the hands of Israeli intelligence and is being used to track the precise locations of individuals inside Iran,” the group said, in Farsi, on its Telegram channel.
“We warn users not to use these devices. We predict with years of experience that Starlink terminals are a precise tracking tool and will easily betray their users.”
APT Iran said in a follow-up post that it was planning on shutting down Starlink devices in the country and that it was going to expose “VPN sellers and their associates” as collaborators.
“We have no time for them,” an APT Iran spokesperson said. “We will fight alongside you and expose the full details of their operations.”
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.