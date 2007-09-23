The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC.

While the supplier, Wolverhampton-based Zaun, said it believed that no classified information was downloaded, reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.

The LockBit Ransom group conducted the attack on the company's network, and Zaun admitted the group may have exfiltrated 10GB of data. The company also confessed that the attack might have reached its server beyond the Windows 7 entry point.

[...] Zaun specializes in high-security perimeter fencing. It isn't a government-approved security contractor, although is approved for government use via the Centre for the Protection of National Infrastructure (CPNI). The fact it has fallen victim to a cyberattack and had data downloaded is a reminder for enterprises and organizations to be vigilant regarding every link in the supply chain.

The company boasts: "All our fencing systems can be designed and manufactured with a wide variety of security additions, including toppings and detection technology to complete your perimeter." Unless, it appears, your perimeter is running some distinctly outdated kit.

[...] Paul Brucciani, Cyber Security Advisor at WithSecure, noted the success of LockBit, saying: "The significance of this attack is that by undermining IT security, it is also possible to undermine the physical security of its [the supplier] customers."