Hackers struck National Presto Industries on March 1, 2025, leaving a digital mess in their wake. The company, valued at $656 million, wasn’t exactly shouting from rooftops about the incident. They quietly filed regulatory paperwork with the SEC in early March, probably hoping nobody would notice. Fat chance. InterLock ransomware group proudly claimed responsibility, because nothing says “professional criminal” like bragging about your work on the dark web.
The attack hit National Defense Corporation, a subsidiary making ammunition for the military. Yes, you read that right – hackers targeted a defense contractor. Talk about aiming high. InterLock claims they snatched nearly 3 million files from 450,000 folders. That’s a lot of data. Probably not just recipes for the company’s famous pressure cookers.
National Presto’s response? Basically a digital version of “this is fine” while everything burns around them. They implemented “temporary measures” to keep things running. Their subsidiary even had the audacity to tell InterLock that the stolen data wasn’t worth much anyway. Bold strategy. Meanwhile, operations at AMTEC, which makes military ammunition, were disrupted. Nothing concerning about that at all. This attack pattern aligns with statistics showing government and defense sectors are the most targeted industries for infostealer attacks.
The company’s systems got encrypted across three entities. Phones were down. Manufacturing halted. Shipping stopped. But hey, they’ve got a strong liquidity position with more cash than debt. That’ll definitely protect their sensitive files.
National Presto assembled their incident response team faster than you can say “cybersecurity insurance claim.” They called in the experts, notified law enforcement, and started the painful process of figuring out just how bad things really were. The fun part? They still don’t know the full financial impact. SecurityWeek attempted to gather additional information from the company but received no response regarding the specific types of data that were compromised.
The incident led to significant disruptions in shipping and receiving operations, creating a ripple effect throughout their supply chain. This mess highlights how vulnerable manufacturers are, especially those tied to defense. InterLock tried extortion, negotiations apparently failed, and now stolen data sits on a Tor-based leak site. Perfect.
The attack’s timing couldn’t be worse, coming when ransomware groups are adopting more sophisticated tools and techniques. National Presto claims they’ve restored systems and returned to normal operations. But with investigations ongoing as of early April, “normal” might be a stretch. The digital dust hasn’t settled yet.
