Classified NATO documents were leaked to the dark web after a massive cyberattack on the Armed Forces General Staff agency of Portugal (EMGFA), local news organization Diario de Noticias reported.
The sale on the dark web of “hundreds” of documents which had been sent to Portugal’s officials by NATO was noticed by US cyber-intelligence agents, who alerted the American embassy in Lisbon, according to sources cited by the publication. After that, the Portuguese government was informed of the "significant" data breach, with a notice on the discovery sent directly to Prime Minister Antonio Costa in August.
“It was a cyberattack prolonged in time and undetectable, through bots programmed to detect these types of document, which were later removed in several stages,” stated one of DN’s sources.
A team of experts from the National Security Office (GNS) and Portugal’s national cybersecurity center were purportedly dispatched to EMGFA to carry out screening the body’s network. A comprehensive audit of internal systems allowed the General Staff to identify which computers the NATO documents were stolen from, the report added.
Unsecured channels were used for transmission of classified documents when the Integrated System of Military Communications (SICOM) should have been resorted to, claimed the outlet.
The US embassy in Lisbon neither confirmed nor denied the report, refusing to comment on intelligence matters.
NATO will demand an explanation over the incident from the Portuguese government, added the outlet, though an unnamed Portuguese official was cited as saying that the government will “work daily so that Portugal's credibility, as a founding member of the Atlantic Alliance, remains intact.”