General Electric, DARPA Hack Claims Raise National Security Concerns #2

Cyber Security Threat Summary:
General Electric (GE) and the Defense Advanced Research Projects Agency (DARPA) are reported to have experienced security breaches, with stolen data allegedly available for sale on the Dark Web. The compromised information includes access credentials, DARPA-related military data, SQL files, and more. GE has acknowledged the breach and is actively investigating the matter. DARPA, known for collaborating with GE on various projects, may have classified information on weapons programs and artificial intelligence research in its data stores.

Security Officer Comments:
Experts express concerns about potential follow-on cyberattacks using stolen GE credentials, with fears of adversaries exploiting the breach to target federal agencies. The threat actor, known as IntelBroker, has a history of high-profile cyberattacks. The breach reportedly occurred in GE's development environment, raising serious national security implications, prompting calls for immediate runtime security measures and extensive threat hunting to identify potential backdoors.

Suggested Correction(s):
The situation underscores the need for heightened vigilance in protecting sensitive data, especially in collaborations between private companies and government agencies.

Link(s):
https://www.darkreading.com/