Shipbuilder Austal was hacked with stolen creds sold on dark web

[InfoSec News <alerts () infosecnews org>]

https://www.itnews.com.au/news/shipbuilder-austal-was-hacked-with-stolen-creds-sold-on-dark-web-546165

By Ry Crozier
iTnews.com.au
April 8, 2020

Austal, the ASX-listed shipbuilder and defence contractor, was compromised in 
late 2018 by an attacker who used login credentials purchased on a dark web 
forum, but who then failed to extract much of value or secure a ransom to have 
it returned.

CEO David Singleton provided a full post-mortem of the mid-October 2018 breach 
last week - which he said included a grilling from senior government ministers 
- and revealed cyber defences put in place afterwards had saved the company 
from credential phishes as recently as the past fortnight.

Singleton said the company was breached in October 2018 using stolen 
credentials sold on the dark web, a place he characterised as a kind of 
“parallel universe… where criminals hide and where criminality is rife”.

“I still don't really know what [the dark web] is,” Singleton told a recent 
industry event.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_