Top Aces, the canadian training company, falls victim to ransomware attack

Gastón Dubois

Top Aces ransomware

Canadian defense contractor Top Aces is the victim of an extortive cyber-attack. It has reportedly been robbed of 44 GB of data, and if it does not pay the ransom, the data will be made public.

Top Aces is a leading private sector company that provides adversary training services to train military pilots in advanced combat maneuvers and tactics.

In a brief statement to The Record on Wednesday, Top Aces confirmed that it is in the process of investigating the incident. The attack was carried out by the LockBit group, which engages in information theft for ransom, an activity known as ransomware.

One of the largest private fighter fleets in the world

Top Aces is based in the city of Montreal, Quebec (Canada). It was founded in 2000 by three veteran CF-18 pilots. Its first major business came in 2005 when the RCAF (Royal Canadian Air Force) awarded them a contract valued at US$94 million to assist in aggressor type training, and since then it has been contracted additionally by the Australian, US and German governments.

Su flota actual consiste en:
  • 20 Dassault-Breguet-Dornier Alpha Jet
  • 7 Douglas A-4N Skyhawk
  • 2 Learjet 35A
  • 2 IAI Westwing

F-16 A Netz Top Aces

In addition, the company has recently added 29 ex Israeli Air Force F-16 A/B Netz, which the company is upgrading to provide training equivalent to that of a 4.5-generation enemy fighter.

The Red Air services offered include electronic warfare training (ECM), air-to-air combat, ordnance launch, mission planning, etc.

Cyber-attacks on defense companies are on the rise

Emsisoft threat analyst Brett Callow noted that attacks on companies in the defense sector are concerning because «there is no way of knowing where the stolen data may end up.»

Even if the individuals behind the attack are simply for-profit cybercriminals, they may sell the data or make it otherwise available to third parties which could potentially include hostile governments,” Callow said.

“There have been multiple attacks on companies in the defense industrial base sector in recent years, and government really needs to find a way to enhance security its supply chain.”

Callow pointed to previous attacks on Visser Precision, a parts supplier to Lockheed Martin, and Westech International, a U.S. military contractor supporting the Minuteman III nuclear deterrent system.

The LockBit ransomware group gave Top Aces a deadline of May 15 before leaking the 44 GB of data it allegedly stole.

LockBit remains one of the most prolific ransomware groups active, with hundreds of attacks in the last year. They have attacked at least 650 organizations so far this year, according to data collected by Recorded Future.

Deja un comentario