Atlas Intelligence Group (AIG), a notorious threat actor, is peddling top-secret classified documents related to various US federal agencies on their Telegram channel. This poses a imminent threat to national security.
On their Telegram channel, AIG is selling a confidential report. The report was jointly issued by the National Security Agency (NSA) and Central Security Service (CSS) in October 2022 and contains sensitive data regarding a cyberattack on the US government’s infrastructure.
Additionally, they are offering a document with details regarding the sighting of the Chinese spy balloon. This was issued by the Office of the Chief of Naval Operations (OPNAV) to the CIA on January 28, 2023. AIG is also offering a report detailing Ukraine’s reforms to join NATO, dated 2021.
These documents are being sold for rates from $2,000 to $3,000.
Atlas Intelligence Group (AIG) vs. US Federal Agencies
While source of these classified documents remains unconfirmed at the moment, the FBI confirmed a cyber attack on its infrastructure in mid-February.
It may be possible that the same stolen documents are being propagated via a secretive individual using the handle “Mr. Eagle.” Mr. Eagle allegedly obtained the documents from a private source on February 26 and 27.
The consequences of selling classified documents to potential adversaries are concerning. The US government is responsible for safeguarding its sensitive information to prevent it from being used against the country.
The fact that such documents are being offered for sale raises serious questions about the government’s ability to protect its information from being compromised.
The damage that could result from these documents falling into the wrong hands cannot be overstated. They contain sensitive information regarding the US government’s operations, capabilities, and weaknesses. Adversaries could use this information to plan and carry out attacks against US interests domestically and internationally.
US Federal database and breaches
US government databases have always been targeted by cybercriminals, both with political and monetary motivations.
The biggest one in the recent years was the 2020 United States federal government data breach. The breach reportedly occurred when hackers gained unauthorized access to the systems of the U.S. government’s cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA).
The breach was discovered in December 2020, but its extent and impact were not immediately clear. It is now known that the hackers managed to steal a large amount of sensitive information, including email communications, budget and planning documents, and other sensitive data related to government operations.
The breach has been attributed to a group of hackers believed to be working for a foreign government, although their identity has not been officially confirmed. The hackers reportedly used advanced techniques to infiltrate the CISA’s systems and remain undetected for several months.
The CISA has acknowledged the breach and has taken steps to strengthen its cybersecurity defenses, but questions remain about the adequacy of its response.
In response to the breach, the U.S. government has launched an investigation to determine the extent of the damage and identify the responsible parties. The government has also taken steps to increase cybersecurity measures across all government agencies and has pledged to take additional steps to protect government data in the future.