A hacking group known as SiegedSec has released more than 3,200 documents it said it stole from NATO in its second cyberattack on the military alliance’s computer systems in less than three months.
In a statement on Wednesday, NATO did not directly confirm the strike but said it faced “persistent cyber threats” and that its experts “are actively addressing incidents affecting some unclassified NATO websites.”
“Additional cyber security measures have been put in place,” the NATO statement said. “There has been no impact on NATO missions, operations and military deployments.”
A sampling of the documents that SiegedSec posted earlier this week on social media appear largely bureaucratic including a “lessons-learned” report from U.S. Air Force operations since 2010; a flowchart for carrying out military doctrine; and a schedule of demonstrations for how NATO delivers logistics support to strategic and operational commands.
One of the documents appeared to consist of a spreadsheet of policy issues that NATO is tracking that relate to responding to weapons of mass destruction.
But the fact that the systems of the world’s largest military alliance were compromised — especially during Ukraine’s Western-backed war with Russia and amid rising tensions with China — serves as an embarrassing reminder to NATO that its own internal security remains vulnerable.
“The astonishing SiegedSec hackers have struck NATO once more!” the group wrote on its Telegram site. “We tend to have fun breaching intergovernmental alliances between large nations.”
It did not give a motive for the cyberattack. But in a similar hack in July, SiegedSec said it was retaliating against NATO countries that are “perceived to be disregarding human rights issues,” according to CloudSEK, a private Indian-based security firm that analyzes and predicts cyber breaches, including through artificial intelligence.
SiegedSec said its July hack was also not related to the war in Ukraine. In that cyber breach, the group obtained and posted documents from another unclassified NATO system where the alliance’s 31 member states can collaborate and share information. It also released personal data — including names, residential and email addresses and business photos — obtained on the system, according to the CloudSEK analysis, which said more than 800 megabytes of data had been involved.
Sieged Sec claimed its latest hack was far larger, involving nine gigabytes of data. The group became active in April 2022 and has targeted organizations across the world since, according to CloudSEK.
“They like to make the leaks available for download and promote chaos with it,” CloudSEK concluded after the July breach.
