General Electric and DARPA Data Breach Raises National Security Questions
November 27, 2023
Allegations of a cyber breach involving General Electric (GE) and the Defense Advanced Research Projects Agency (DARPA) have emerged, with the possibility of highly sensitive data being sold on the Dark Web. A screenshot from the Dark Web advertisement shows a cybercriminal, known as IntelBroker, selling access credentials and DARPA-related military information, among other things. GE has acknowledged the claims of stolen data for sale and is currently investigating the matter.
"We are aware of claims made by a bad actor regarding GE data and are investigating these claims," a GE spokesperson said. "We will take appropriate measures to help protect the integrity of our systems."
GE and DARPA have worked together on several advanced research projects over the years, which could make them attractive targets for cyberattacks, according to Rosa Smothers, a former CIA cyber threat analyst. Smothers highlighted the MIND project, aimed at enhancing the network security of vital information systems, as a potential area of interest for cybercriminals.
Tom Kellermann from Contrast Security expressed concern that DARPA's data, which includes classified information on weapons programs and AI research, could fall into the wrong hands. Furthermore, there are fears that stolen GE credentials could be used to launch subsequent cyberattacks. Kellermann expressed particular concern about the possibility of GE's systems being used to infiltrate federal agencies.
IntelBroker, known for selling access to compromised systems, has been involved in several high-profile cyberattacks and is considered a significant threat, especially to government agencies, according to Darren Williams, CEO of BlackFog. Williams emphasized the importance of companies working with government agencies to protect data from theft and misuse.
The situation is further complicated by the claim that the attackers accessed GE's development environment. Kellermann suggested that immediate runtime security implementation and extensive threat hunting are needed to identify the backdoor. He stressed that the breach has serious implications for national security.