Cybercrime , Fraud Management & Cybercrime , Government
Apparent GE Hack Raises National Security Concerns
Prominent Threat Actor Advertises Access to GE's Military ProjectsNational security concerns developed after a hacker known as IntelBroker claimed on a hacking forum to have stolen sensitive information from General Electric pertaining to its collaborative projects with the Defense Advanced Research Projects Agency.
See Also: The Healthcare CISO’s Guide to Medical IoT Security
A spokesperson for General Electric confirmed in a statement to Information Security Media Group on Tuesday that the company is "aware of claims made by a bad actor regarding GE data and are investigating these claims." Business operations have not been affected, the spokesperson added.
"We will continue to take appropriate measures to help protect the integrity of our systems," the statement says.
IntelBroker - which has previously launched successful hacks targeting a major health insurance marketplace and a national grocery delivery service - posted on a publicly available hacking forum in November that it had been selling for $500 access to General Electric's development and software pipelines, as well as data that allegedly includes "a lot of DARPA-related military information, files, SQL files, documents."
The post included alleged screenshots indicating IntelBroker had gained access to a General Electric and DARPA database containing sensitive information related to the company’s aviation division and ongoing defense initiatives. ISMG could not independently confirm the authenticity of the screenshots, and DARPA did not immediately respond to requests for comment.
Cybersecurity experts have since claimed the hack raises significant national security concerns and warned that the exploitation of GE credentials could have a "catastrophic impact."
General Electric has been working with DARPA on developing next-generation defense technology, including a project to create an open-source cybersecurity system to help protect military and industrial networks. The company has also been leading an initiative that aims to speed up the software certification process for critical military and industrial systems.