
Embracing Zero Trust: Lessons from Australia’s Defence Supply Chain Data Breach

Nov 11, 2025

Earlier this week, The Australian broke the news that the Cyber Toufan hacking group stole classified plans for Australia’s new infantry fighting vehicles, a $7B AUD procurement program, in a massive cyber-attack targeting 17 Israeli defence contractors in the supply chain. The attack was carried out by targeting a downstream supplier, MAYA Technologies, exploiting vulnerabilities in their network and peripherals to gain access to sensitive data. This led to the publication of data and documentation for 36 Israeli military projects on Hamas’ Telegram media channel. The leak began on October 22, 2025, as a result of a persistent attack against a complex network of providers, partners, and primes.

This serious breach impacts Australia’s national defence and has implications for the worldwide defence community. It exposed 3D renderings and technical details of the Redback infantry fighting vehicle, the Australian Army’s next-generation platform using a combination of South Korean, Australian, and Israeli tech.

Understanding the Complex Ecosystem Vulnerabilities at Play

This is a classic example of a land-and-expand supply chain security breach that targets the weakest link, with the end game of stealing critical sensitive data. Initial reports of the pro-Hamas Cyber Toufan hack of the Israeli defence manufacturers indicate that systems were compromised via a complex attack against partners and third-party providers. The attacker is believed to have gained a foothold through a vulnerability in the network and peripherals, then spent months quietly collecting and exfiltrating data from its targets.

Designs, system specifications, even programme-context artefacts walked out the virtual door, with the targets none the wiser. One can argue about attribution and intent, but the lesson is clear – a perimeter-only security strategy fails because it implicitly trusts actors on the network. In a multinational defence ecosystem, perimeters are porous, introducing vulnerabilities where the edges meet. A Zero Trust strategy is critical to thwarting complex cyber attacks like this.

Implement a Defensive Zero Trust Data-centric Security Approach

Data-centric security (DCS) is a complementary zero trust tactic that scales to meet supply chain threats. Continuing to implicitly trust networks and endpoints as safe in their steady state puts sensitive data at risk when new equipment or users join the domain. For example, a third-party supplier’s camera, DVR, or remote maintenance tunnel can be easily exploited because it is considered a “dummy device”.

A zero-trust approach to DCS starts from a more critical baseline of assuming all your systems and users are compromised. Your defensive strategy must verify every access attempt in the context of the policies governing the data. Simply existing on the correct enclave is no longer sufficient when we assume that the enclave is contested. Continuous enforcement, logging, and auditing of the policies provides oversight of the data wherever and whenever it is accessed.

The global security community has been moving zero trust from guidance to practice, particularly in the defence manufacturing context. The Australian Signals Directorate’s (ASD) foundations and industry consultations are an example of this, with their focus on clear, modern, defensible architectures and continuous verification. The message for defence primes and the extended ecosystem of suppliers is simple. Stop treating “inside” presence as trusted and “outside” as hostile – everything must be conditional, contextual, and revocable.

Enhancing Data Security in Supply Chain Operations

The ability to share data securely is critical to supply chain operations. Governments have set clear standards for the technologies and best practices needed to protect defence data; now is the time to put them into practice. The good news is that there are products available today that incorporate zero trust data-centric security methodologies to immediately uplift the security posture of defence supply chain vendors.

Products that utilise a data-centric attribute-based access control (ABAC) methodology can apply fine-grained policies to grant or deny access based on various factors, such as file sensitivity or classification, security clearance, nationality, role, and more. These policies can also be used to implement file-level protections, such as encryption, user-specific watermarks, read-only access, etc., to control how authorised users can then interact with and share information.

A system that is designed to enforce zero trust data-centric security using ABAC ensures that:

  • It assesses every request to access each individual piece of information.
  • Each request evaluates factors such as mission need, file sensitivity, project, clearance, nationality, and any other relevant constraint.
  • Enforcement is applied at the object level, not the perimeter.
  • If the criteria are not met, access is denied or access can be restricted depending on context.
  • It collects telemetry from the data itself to analyse who opens what, where, and under which conditions.

This approach keeps data sharing across complex supply chain ecosystems enforceable from end to end, moving from coarse role-based security to fine-grained attribute-based access control. It also reduces blast radius while maintaining the speed of collaboration.
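The per-request, object-level evaluation listed above can be sketched as a small policy decision function. This is an added example, not code from any product named on this page; the attribute names, classification ordering, obligations, and sample users are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed classification ordering and attribute names, for illustration only.
LEVELS = {"OFFICIAL": 0, "PROTECTED": 1, "SECRET": 2}
AUDIT = []  # telemetry: one record per access decision

@dataclass(frozen=True)
class Subject:
    user: str
    clearance: str
    nationality: str
    projects: frozenset
    managed_device: bool

@dataclass(frozen=True)
class Resource:
    name: str
    classification: str
    project: str
    releasable_to: frozenset

def decide(subject, resource, action):
    """Evaluate one request for one object; returns (decision, obligations)."""
    reasons = []
    if LEVELS[subject.clearance] < LEVELS[resource.classification]:
        reasons.append("clearance below classification")
    if subject.nationality not in resource.releasable_to:
        reasons.append("nationality not releasable")
    if resource.project not in subject.projects:
        reasons.append("not assigned to project")
    if not subject.managed_device and action != "read":
        reasons.append("unmanaged device limited to read")
    if reasons:
        decision, obligations = "DENY", []
    elif not subject.managed_device:
        # Attributes pass but context is weaker: restrict rather than deny.
        decision, obligations = "RESTRICT", ["read_only", "watermark:" + subject.user]
    else:
        decision, obligations = "ALLOW", ["encrypt"]
    AUDIT.append({"user": subject.user, "object": resource.name,
                  "action": action, "decision": decision, "reasons": reasons})
    return decision, obligations

# Constructed sample object and users.
DRAWING = Resource("hull-drawing.pdf", "PROTECTED", "vehicle-x", frozenset({"AU", "KR"}))
ENGINEER = Subject("alice", "SECRET", "AU", frozenset({"vehicle-x"}), True)
REMOTE = Subject("bob", "PROTECTED", "KR", frozenset({"vehicle-x"}), False)
SUPPLIER = Subject("carol", "OFFICIAL", "AU", frozenset({"logistics"}), True)

if __name__ == "__main__":
    for s, a in [(ENGINEER, "edit"), (REMOTE, "read"), (REMOTE, "edit"), (SUPPLIER, "read")]:
        print(s.user, a, decide(s, DRAWING, a))
```

Every call appends to `AUDIT` whether the request is allowed, restricted, or denied, so the log records refused attempts as well as successful opens.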

The archTIS portfolio of solutions offers these capabilities to provide military-grade, policy-enforced access control and data protection out of the box to quickly uplift your cyber resilience.

Kojensi is designed to help organisations quickly meet complex compliance requirements for sharing and collaborating on sensitive information up to PROTECTED in an accredited SaaS platform.

NC Protect safeguards information stored and shared using Microsoft applications, including Microsoft 365, GCC High, SharePoint Server, and Windows file shares, by adding complementary ABAC capabilities and unique data protection features.

A Strategy for Enhancing Cyber Resilience

This recent attack on the defence industry is not an isolated incident, nor will it be the last. It marks the new cyber battlespace for the defence community. By integrating zero trust principles into Defence in Depth planning and file-sharing systems, defence suppliers can adopt a proactive security strategy. This approach assumes that the perimeter is already compromised, enforces continuous object-level verification, and allows for rapid information exchange and innovation while preventing large-scale data leaks.

To learn more about implementing ready-to-deploy purpose-built solutions to secure Defence and supply chain sharing and collaboration, contact us.