NEWS  Security  November 25, 2023  Reading time: 2 Minute(s)

Max (RS editor)

The renowned Idaho National Laboratory (INL), a key player in US nuclear research, fell victim to a cyber attack orchestrated by the enigmatic hacking collective known as Sieged Security, also self-identifying as 'gay furry hackers'. The breach, confirmed by the INL on Tuesday, originated from a cybersecurity data breach within a federally approved external vendor system supporting the lab's cloud-based Human Resources service.

The group, infamous for their involvement in previous high-profile cyber incidents, publicly claimed responsibility for the breach through statements on Telegram and the Breach Forums. Surprisingly, their motivation appears to revolve around an unusual demand: the creation of real-life catgirls.

"We're willing to make a deal with INL. If they research creating IRL catgirls, we will take down this post"

their Telegram post asserted.

The background of SiegedSec reveals a track record that extends beyond mere curiosity. In July 2023, the group targeted NATO, resulting in the leak of sensitive information. In October of the same year, they were involved in cyberattacks against Israeli Critical Industrial Control Systems (ICS).

The breached data reportedly includes addresses, Social Security numbers, birth dates, employment information, and phone numbers of INL employees. The hackers claim to have accessed hundreds of thousands of user records, a statement corroborated by East Idaho News after contacting INL employees.

 IDAHO NATIONAL LABORATORY 

Despite the apparent lack of compromise regarding nuclear secrets, intellectual property, or R&D information, the incident raises concerns about the exposure of staff involved in cutting-edge Nuclear Energy R&D. Colin, an expert commentator, highlighted the irrelevance of the hackers' political motivation, emphasizing the potential risks posed by leaked information.

SiegedSec's demands, centering around the feasibility of creating real-life catgirls, have been met with skepticism. The group maintains that their actions are driven by curiosity rather than malice, distancing themselves from any grudge against the organization.

This breach underscores the escalating sophistication of cyber threats, urging organizations to fortify their defenses. The compromised employee data circulating on underground hacking forums, including Russian-language ones, poses a severe security risk for the INL and its workforce, emphasizing the critical need for heightened cybersecurity measures in an era of growing digital vulnerabilities.

 COVER IMAGE BY VECSTOCK / REVIEW SPACE