You are currently viewing Classified NATO Documents Stolen from Portugal, Now Sold on Darkweb

Classified NATO Documents Stolen from Portugal, Now Sold on Darkweb


The Portuguese Armed Forces General Staff Agency (EMGFA) was reportedly the victim of a cyberattack that resulted in the theft of classified NATO documents, which are now being sold on the dark web. 

EMGFA is the government agency in charge of controlling, planning, and operating Portugal’s armed forces.

The agency only discovered it had been hacked after hackers posted samples of the stolen material on the dark web, offering to sell the files to interested parties. 

American cyber-intelligence agents discovered the sale of stolen documents and notified the US embassy in Lisbon, which alerted the Portuguese government of the data breach.

A team of experts from the National Security Office (GNS) and Portugal’s national cybersecurity centre was immediately dispatched to EMGFA to carry out the a complete screening of the body’s entire network.

The story was first reported by the local news outlet Diario de Noticias, which claims to have confirmed the accuracy of the information through anonymous sources close to the ongoing investigations. According to these sources, the leaked documents are of “extreme gravity,” and their dissemination could jeopardise the country’s credibility in the military alliance.

“It was a cyberattack prolonged in time and undetectable, through bots programmed to detect this type of documents, which were later removed in several stages,” stated one of DN’s sources.

EMGFA’s computers are air-gapped, but the exfiltration used standard non-secure lines. As a result, the investigation’s first conclusion is that the top military body violated its operational security rules at some point. As of today, no official statement has been issued by the Portuguese government on the subject, but the political opposition is increasing pressure for a briefing in response to DN’s report.

Many members of parliament expressed surprise after learning that classified military documents were being sold on the internet and that the country’s intelligence services had failed to detect such a critical breach. As a result, they asked the chairman of the parliamentary defence committee, Marcos Perestrello, to intervene and schedule hearings on the incident as soon as possible.

Read the full article here

News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.