About 4 TB Data from Stark Aerospace Stolen by INC Ransom 

• The multi-extortion gang INC Ransom threatened a US Defence contractor with stolen data.
• The ransomware group allegedly hacked designs, source codes, passports and other data from Stark Aerospace.
• About 4 TB of data is in the possession of the hackers according to their dark web claims.

A ransomware group claimed that they hacked Stark Aerospace, a prominent aerospace and defense system manufacturer based in Mississippi, United States. 

An operator from the INC Ransom group posted a detailed note about the stolen data from Stark Aerospace that serves the United States’ Department of Defense and the Navy among other clients.

INC Ransom group mentioned that they have about 4 TB of company data which they will sell on the dark web if their demands are not met. The exfiltrated data includes the following:

1. Designs 
2. Source codes of software and firmware developed by the firm
3. UAV
4. Part details of the components manufactured by the firm
5. Building plans
6. Scientific resources used for reference

Besides the above mentioned records, INC ransom also allegedly stole contractual agreements with the Department of Defense and other military contractors, supply chain, and technology partners.

Posing a threat to employees and other members' privacy, the ransomware group accessed personal data, and copies of passports of those who fly for training and presenting the products to clients. 

They claimed that they have information about programs of the production and launch of reconnaissance satellites functionality. If claims are to be believed, INC Ransom ‘partially’ took away the records of machines likely suggesting that they also deleted the data.

Moreover, they possess the configuration of information security tools of which they posted samples in the claim as proof.

A huge ransom might have been demanded by the group known to target high profile companies belonging to healthcare, education and the government. They gain access through spear-phishing email and exploiting vulnerabilities in the software. 

It is not known how the hackers gained access to Stark Aerospace' systems. It can be a direct attack using a phishing email or by exploiting a vulnerability. In a recent incident, an insider from the U.S. army John Wagenius who worked as a communications specialist was arrested for trying to sell sensitive call records belonging to the FBI agents and officers.

It is perhaps threats like these why the U.S. the Department of Homeland Security (DHS) terminated all the memberships of its advisory committee for national security.