
US DoD (Defense) Hacked!

The infamous hacker known by the online handle ‘IntelBroker’ claims to have acquired sensitive internal documents from the United States Department of Defense (US DoD). According to IntelBroker, the leaked data includes PDFs and XLSX files, potentially containing communications between the Pentagon and the Army’s CIO/G-6.

For readers’ information, the Chief Information Officer (CIO) is responsible for addressing IT and cybersecurity-related issues. On the other hand, G-6 refers to the Deputy Chief of Staff (DCS), who reports to the Chief of Staff of the Army. The G-6 is primarily involved in planning, strategy, network architecture, and related matters.

Some of the leaked documents are labeled FOUO, meaning “For Official Use Only.” It is a security designation used by some governments, including the United States, to identify unclassified information that is sensitive and should be protected from unauthorized disclosure.

As seen by Hackread.com, the leaked documents are accessible for download on the Breach Forums, the same forum where, last month, another threat actor leaked a scraped LinkedIn database containing the data of 35 million users. A couple of weeks ago, the Breach Forums witnessed the leak of a database containing the personal data of thousands of employees of the Idaho National Lab.

Regarding the current breach, screenshots provided by the hacker as samples reveal dates ranging from 2017 to 2021. Among the samples is a document titled “Task 10 – EIEMA (Enterprise Information Environment Mission Area) Process Improvement Projects and Tasks,” dated 25th March 2021.

Another document, labeled “Enterprise Service Division SAIS-NSE,” includes a presentation containing personal and contact details of several civilian government officials and contractors. The information disclosed comprises their full names along with contact numbers for office, cellular, and home.

Another FOUO document, titled “MDEP MXCL RVT Brief to the TT PEG – Pentagon,” provides a summary discussing requirements for Long Haul Communication within the US Army.

Hackread.com did not conduct the usual in-depth analysis; therefore, the authenticity of the data remains uncertain. However, considering the hacker’s track record with previous leaks, it is reasonable to presume that the documents could be legitimate.

Additionally, according to the online malware samples repository vx-underground, “The Five Eyes (FVEY) are actively hunting him down,” signaling the severity and gravity of the situation and suggesting potential damage caused by IntelBroker to the targeted organizations.

Who is IntelBroker Exactly?

IntelBroker is an infamous threat actor/hacker known for high-profile hacks against the US government, businesses, and delivery and logistics firms worldwide. Their previous cyber attacks include breaching the US-based online grocery delivery platform Weee! and leaking the personal details of over 1.1 million customers online.

In the past month, IntelBroker claimed to have breached the US-based multinational corporation General Electric (GE) and offered data, including access related to the US government’s defense R&D agency DARPA, for sale at just $500.

Impact of Such FOUO Leaks

The severity of the impact of a FOUO leak will depend on several factors, including the nature of the information that was leaked, the extent to which it was disseminated, and the response of the government and military. However, it is clear that the potential consequences of such leaks are significant and should not be taken lightly. Here are some potential consequences:

1. Damage to national security:

  • Leaked FOUO documents could contain sensitive information about military strategies, troop deployments, weapons systems, or intelligence operations. This information could be used by adversaries to gain an advantage in a conflict or to plan attacks against the United States or its allies.

2. Embarrassment and political fallout:

  • Leaked FOUO documents could reveal embarrassing or damaging information about the government or military. This could lead to public outrage, a loss of confidence in the government, and political pressure to change policies.

3. Harm to individuals:

  • Leaked FOUO documents could contain personal information about military personnel or their families. This information could be used to target individuals for harassment, threats, or even violence.

4. Financial loss:

  • Leaked FOUO documents could reveal information about sensitive government contracts or trade secrets. This could lead to financial losses for the government or private companies.

5. Loss of trust in the military:

  • Repeated leaks of FOUO documents could erode public trust in the military and make it more difficult for the government to recruit and retain personnel.