Sensitive NATO Data Leaked After Cyber Attack On Portugal’s Armed Forces

Summary Of The Attack

  • On September 8th, Diario de Noticias, a local Portuguese news organization, reported that the Portuguese Government's Department of Defense had been the subject of a data breach in which sensitive NATO documents were leaked, published, and sold on the dark web.
  • An investigation established that unsecured channels were used to transmit data.
  • The attack that exfiltrated the data was built to be undetectable and was launched through a bot network designed primarily to obtain sensitive data.
  • The department that suffered the breach is suspected of having broken protocol, which led to the incident.

What Happened?

On September 8, Portuguese local news organization Diario de Noticias reported that the Portuguese Government’s Department of Defense had allegedly been the subject of a data breach involving the exfiltration of confidential NATO documents.

The Anatomy Of The Attack

The General Staff of the Armed Forces (EMGFA) was the department attacked, and hundreds of documents were found for sale on the dark web.

The department only found out about the incident after US intelligence informed it.

Portugal’s Prime Minister António Costa was informed about the breach through the US embassy in Lisbon.

According to the report, a team of security experts from the National Security Office and a team from Portugal’s national cyber security center investigated the attack and the network, and established that unsecured channels were used for sending and receiving classified documents.

They later concluded that the attack was built to be undetectable and was launched through a bot network designed primarily to obtain sensitive data.

Human Error Or Breaking Protocol?

Because the General Staff of the Armed Forces (EMGFA) is a government department that deals with highly confidential information, we would expect its systems to be highly secure and its computers to be air-gapped. That was reportedly the case; however, the exfiltration used standard non-secure lines.

From that, the investigation's initial conclusion was that the top military body had at some point broken the operational security rules, which led to the secret information being exposed, leaked, and then sold on the dark web.

The investigation also reported that the exfiltration of documents sent from NATO to Portugal took place on EMGFA computers, mainly those used by CISMIL, the Department for Military Secrets, and the General Directorate of Resources of National Defense.

Next Steps

The National Office of Security (GNS), External Secrets, and the Secret Services are involved in investigating the hack. NATO allegedly demanded an explanation from the Portuguese government, even though they didn’t want to make any official statements on the matter.

The Portuguese Prime Minister’s office spokesperson, for their part, gave a statement saying that the government is dedicated to maintaining and protecting its armed forces and the Defense Ministry’s credibility as a founding member of NATO.

Furthermore, the spokesperson noted that they will continue to work daily, as they have so far, so that their credibility remains intact.

Article by

Jason Firch, MBA
Jason is a proven marketing leader, veteran IT operations manager, and cybersecurity expert with over a decade of experience. He is the founder and CEO of PurpleSec.
