French ship builder DCNS has suffered a data breach, and as a result has lost 22,000 documents which show the combat capabilities of the Scorpene-class submarines which it builds.
The documents have been released by Australian media, however it is not clear who originally obtained the documents.
India has begun an investigation into the leak, as the French shipbuilder is in the process of building six Scorpene u-boats for India, after being commissioned to do so in conjunction with an Indian ship builder in 2005.
The deal signed was for £2.6 billion, and the vessels are currently being built in Mumbai. The Scorpene submarines are small-to-intermediate size vessels currently in use in Malaysia and Chile. Brazil is due to deploy the submarine type in 2018.
Indian defence minister Manohar Parrikar said investigations are underway to, "find out what has happened."
A DCNS spokeswoman described the leak as "a serious matter" and said French authorities would formally investigate.
Gonen Fink, CEO at LightCyber told SCMagazineUK.com: “Most security people acknowledge that preventative security cannot be completely effective and that attackers can get into networks. Furthermore, the odds are extremely high that organisations – such as the French shipbuilder DCNS - won't be able to detect the attack until theft or damage has occurred. The industry average for “dwell time,” or the amount of time network invaders can stay hidden, is five months. Some are far longer, where the attacker quietly attains their goals completely unnoticed. Such cases might include a slow, methodical theft of company secrets, customer information or intellectual property.”
Fink explained: “The hype around data breaches may have become a bit too commonplace and caused some complacency or attenuation, but the seriousness is very real, as shown by this French submarine company data leak. One new approach focusing on ‘known-good' is intended to allow organisations to gain a vantage point over network attackers. Known-good comes from continuous behaviour profiling of all users and devices, understanding their normal activities and habits. From this vantage, it should be possible to detect anomalous activities and determine those most likely to be malicious. This is made practical using advanced machine learning, live, in each network.”
Australia signed a major deal with the DCNS earlier this year, described as the country's biggest.
The country's defence industry minister, Christopher Pyne, said in a statement that the leak had "no bearing on the Australian government's future submarine programme".Bharat Mistry, cyber-security consultant at Trend Micro told SC: “If the reported breach is in fact 22,000 pages of secret information pertaining to the operation of the submarine – then this is a mega serious breach. If it ends up in the wrong hands, such as an unfriendly nation state or anyone with a political agenda, this information will provide substantial knowledge about the capability of the submarines and could be used to negate any advantage India would have in combat. But at this stage, until it is known exactly what data or information was breached, it's too early to predict the impact this will have on India. No matter what the outcome is, the fact that DCNS was breached will damage its reputation, which will not only negatively influence its share price but also increase the scrutiny from current and future customers.”