General Electric and DARPA Data Breach Raises National Security Questions

November 27, 2023

Allegations of a cyber breach involving General Electric (GE) and the Defense Advanced Research Projects Agency (DARPA) have emerged, with the possibility of highly sensitive data being sold on the Dark Web. A screenshot from the Dark Web advertisement shows a cybercriminal, known as IntelBroker, selling access credentials and DARPA-related military information, among other things. GE has acknowledged the claims of stolen data for sale and is currently investigating the matter.

"We are aware of claims made by a bad actor regarding GE data and are investigating these claims," a GE spokesperson said. "We will take appropriate measures to help protect the integrity of our systems."

GE and DARPA have worked together on several advanced research projects over the years, which could make them attractive targets for cyberattacks, according to Rosa Smothers, a former CIA cyber threat analyst. Smothers highlighted the MIND project, aimed at enhancing the network security of vital information systems, as a potential area of interest for cybercriminals.

Tom Kellermann from Contrast Security expressed concern that DARPA's data, which includes classified information on weapons programs and AI research, could fall into the wrong hands. Furthermore, there are fears that stolen GE credentials could be used to launch subsequent cyberattacks. Kellermann expressed particular concern about the possibility of GE's systems being used to infiltrate federal agencies.

IntelBroker, known for selling access to compromised systems, has been involved in several high-profile cyberattacks and is considered a significant threat, especially to government agencies, according to Darren Williams, CEO of BlackFog. Williams emphasized the importance of companies working with government agencies to protect data from theft and misuse.

The situation is further complicated by the claim that the attackers accessed GE's development environment. Kellermann suggested that runtime security should be implemented immediately and that extensive threat hunting is needed to identify the backdoor. He stressed that the breach has serious implications for national security.
