European defence large Naval Group has confirmed that it’s investigating an alleged cyber assault which has seen what purports to be delicate inside knowledge revealed on the web by hackers.
Naval Group builds and maintains an array of ships and submarines for the French navy, together with plane carriers and nuclear submarines. It counts a number of international navies amongst its clients together with India and Brazil.
As such, a safety breach in opposition to the defence contractor must be thought-about a priority for not simply France’s nationwide safety, however that of different nations as nicely.
The alleged breach first got here to gentle after a hacker calling themselves “Neferpitou” put up on the market what they claimed to be roughly 1 TB of Naval Group’s inside knowledge, providing a 13GB free “pattern” of its contents.
The announcement was made in a publish on an underground hacking discussion board.
The info was stated to incorporate supply code associated to fight methods used on French nuclear submarines and frigates, weapon system software program, simulation environments, community designs, consumer manuals, and inside communications.
Of their discussion board publish on 23 July, Neferpitou stated that Naval Group had 72 hours to make contact or “I will leak all the things without spending a dime.” No ransom demand has been made public to this point.
On 25 July, Neferpitou posted an replace sharing a hyperlink to extra element and stated that Naval Group had 24 hours left to contact them.
True to their phrase, the hacker posted once more on Saturday 26 July, sharing a hyperlink to what they claimed was the whole lot of the leaked knowledge, below a banner saying “!! ENJOY AND SEE YOU NEXT TIME !!”
In what appears more likely to be a sign of how Neferpitou gained entry, the hacker signed off with the message:
“Have in mind, nothing is really disconnected from Web…”
At this level Naval Group issued a assertion in French and English, saying that it was conscious of the cyber assault declare, and that it had launched a technical investigation supported by a staff of cybersecurity consultants.
The assertion stated that it was analysing and verifying the authenticity of the information that had been shared on-line in what it described as a “reputational assault.”
“At this stage, no intrusion into our IT environments has been detected and there was no impression on our actions,” concluded Naval Group’s advisory.
Final week, Microsoft warned that Chinese language hackers had been actively exploiting a distant code execution vulnerability often called “ToolShell” in companies’ SharePoint servers.
The vulnerability, identified technically as CVE-2025-53770, was decided by Bitdefender researchers to have compromised methods throughout Europe, the Center East, and North America.
Though it has not been confirmed that the supply of Naval Group’s leak was on account of exploitation of an on-premises SharePoint server, what’s plain is that there was a protracted historical past of nations breaching the defence infrastructure of different nations to assemble intelligence and trigger disruption.
Cybercriminals, whether or not state-sponsored or not, are eager about stealing delicate data which might have greater than a monetary worth.
All companies, no matter whether or not they work within the defence sector or not, could be silly to disregard the risk posed by hackers. It’s important to make sure that your organisation has robust defences in place to cut back the chance of a profitable assault.
