Cyber ​​Security | A provider of aerial combat under attack

Hackers say they stole data from a Quebec company that made hundreds of millions of dollars from contracts to train pilots for Canadian, US and Allied forces. They threaten to publish them on the hidden web on May 15 (dark web

Posted at 2:21 PM

Hugo Joncas

Hugo Joncas
The press

The Lockbit 2.0 hacker gang claims on its blog to have stolen 44 gigabytes of information from Top Aces and threatens to release it on the evening of May 15.

Top Aces multiplies combat training contracts with the Canadian, US and German armies.

However, the Dorval company says it is still looking for traces of the break-in. “We do business with an outside company that helps us do that,” said spokeswoman Erin Black.

Its US subsidiary has filed a complaint with the FBI, according to our information.

Erin Black clarifies that the company has not found any ransom money. Lockbit is a ransomware hacking gang, which usually encrypts the target’s data after they steal it. At the same time, he submits a payment request on the affected server to restore access to the information.

Largest private yacht fleet

Top Aces, founded in 2000 by former military pilots, offers combat training. The company claims to have the largest private fleet of fighter jets.

In 2019, the United States Air Force awarded Top Aces a portion of a $6.4 billion contract to train its pilots in combat at 12 bases. For these exercises, including mock operations against the Russian military, the company purchased a fleet of 29 used F-16 aircraft from Israel.

In 2017, Top Aces also signed a $480 million contract with Canadian National Defense for combat training services. The renewable contract could reach a total value of 1.4 billion by 2031.

The Caisse de depot et placement du Québec is a major shareholder of the company. In the latest annual report, the private placement in the holding company that owns Top Aces is estimated at between 50 and 100 million.

The Canadian Forces cannot determine the effect the cyber-attack may have on the security of their data and operations.

“We are not sure if there is an impact and if the leak contains information that belongs to us,” said army spokesman Daniel Le Bouthillier. We consult with our IT staff. †

He believes that Top Aces probably leaked little sensitive information.

Probably for the money

In a statement released last February, LockBit hackers explained that “most” of its members were citizens of former USSR countries, “like Russians and Ukrainians”. However, the gang added that the programmers also come from China, the United States, Canada and Switzerland.


IMAGE OF LOCKBIT 2.0 SITE IN HIDDEN WEB

Lockbit 2.0 hackers say they stole 44GB of data from Top Aces and threaten to release it every day.

A cybersecurity expert, consulted by La Presse, thinks the hacking probably has nothing to do with the war in Ukraine.

“There’s no reason to believe that LockBit’s attacks are motivated by anything other than money,” said Brett Callow, cyber threat analyst for antivirus company Emsisoft. That’s not to say the stolen data won’t end up in the hands of other actors, possibly including hostile governments. †

In February, LockBit said it was “apolitical” and assured it would “under no circumstances” participate in attacks on critical infrastructure or in international conflicts.

One of the biggest hacker gangs

The gang, active since mid-2019, is now one of the most active in the world. According to the page of his blog in the hidden web he visited The pressbut it counts few large organizations among its victims.

Like most hacker groups, ransomware developers deal with “affiliates” who use their program to infiltrate their targets’ networks, steal and encrypt their data. They then demand a ransom to give them access again.

Security measures sometimes succeed in blocking cyber criminals before the data is destroyed, without having been able to prevent theft. In such cases, the victims are not aware of the leak until the ransomers disclose their misdeeds, as they just did on their blog.

Leave a Comment