Alleged Sensitive documents of NATO and TURKEY leaked: Case of Cyber Hacktivism or Cyber Espionage?

In today’s world, multiple categories of hackers have come into existence, such as – BlackHat, WhiteHat, GreyHat, State-sponsored, Hacktivists and others. While most of the categories of hackers have monetary or personal motivations, there are two categories with different motivational factors – State-sponsored and Hacktivists.

State-sponsored hackers – They are appointed by the government to gain confidential information from other countries to stay at the top or to avoid any kind of danger to the country

Hacktivist: It is a hacker or a group of anonymous hackers who gain unauthorized access to government’s computer files and networks for social or political cause. These are also called the online versions of the activists.

Recently, our researchers came across a post shared by Spectre123, where an unknown entity has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer).

The leaked data contains multiple SoWs, contracts, proposals, 3d designs, resumes, excel sheets containing raw materials information, financial statements, and other sensitive documents.

Based on the message body of the leak, the cyber attack indicates hacktivism, but last year, around May 23, 2019, UK warned NATO allies of hacking activities of Russia -> Link. Also, in September 2020, it was reported that Russian hackers targeted government agencies in NATO member countries, and nations who cooperate with NATO -> Link. These events ensue an unsatisfying narrative – Is it really hacktivism or cyber espionage?

This story is developing and will be updated

About Cyble

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit     

Recent Blogs


Cyble analyzes ‘InTheBox’ as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide.

Read More »
CybleBlogs-SCADA-ICS-Thermal Imaging-Military

Cyble Research & Intelligence Labs analyzes Industrial Control Systems & Thermal Imaging cameras’ cyber risk over Military Instalments.

Read More »
Titan Stealer

CRIL analyzes Titan Stealer, a Golang based information stealer working as MaaS as well as it’s C&C panel.

Read More »
Scroll to Top