Hackers Breach Intelligence Portal Used by the CIA and Other Agencies

Unidentified hackers have successfully compromised a critical intelligence website operated by the National Reconnaissance Office, marking a significant security breach affecting the CIA and multiple government agencies.

The attack targeted the Acquisition Research Center website, which serves as a crucial platform for submitting details of sensitive contracts supporting various CIA spying programs.

Scope and Impact of the Breach

The cybersecurity incident compromised proprietary intellectual property and personal information related to several innovative intelligence operations.

According to sources familiar with the breach, hackers likely obtained information regarding key technologies essential to CIA operations, including data from the highly sensitive Digital Hammer program.

Digital Hammer represents a closely guarded initiative focused on developing cutting-edge technologies for human intelligence gathering, surveillance, and counterintelligence operations.

The program specifically addresses threats from Chinese intelligence and information operations, encompassing open-source intelligence platforms, miniaturized sensors, hidden surveillance tools, and artificial intelligence-powered data collection systems.

A National Reconnaissance Office spokesman confirmed the incident, stating that “an incident involving our unclassified Acquisition Research Center website is currently being investigated by federal law enforcement,” while declining to provide additional details about the ongoing investigation.

Concurrent with the intelligence portal breach, Microsoft disclosed that Chinese state-sponsored hackers successfully penetrated the Department of Energy’s National Nuclear Security Administration.

This separate attack exploited SharePoint zero-day vulnerabilities, allowing hackers to access the network of the agency responsible for maintaining and building U.S. nuclear weapons.

Microsoft identified multiple Chinese threat actors in these attacks, including Linen Typhoon, Violet Typhoon, and Storm-2603, with the latter deploying ransomware during their operations.

The extent of potential classified information theft from the nuclear security agency remains undetermined.

Cybersecurity experts believe the intelligence portal breach represents a sophisticated state-sponsored operation rather than an opportunistic attack.

“Given the sensitivity and exclusivity of the Digital Hammer program, this compromise almost certainly points to a state-sponsored actor, likely China,” explained a security analyst from Data Abyss.

The breach highlights vulnerabilities in using unclassified systems for sensitive contract information. Critics argue that utilizing the Acquisition Research Center for such contracts created exploitable security weaknesses.

These incidents occur amid escalating cyber threats from both China and Russia against U.S. intelligence capabilities.

National Reconnaissance Office Director Christopher Scolese previously warned that while Russia focuses on disruptive space-based capabilities, China represents a more diversified threat with strong technological and economic capabilities across multiple systems.

The compromised acquisition center serves as the industry’s primary access point for both classified and unclassified acquisition information, making its breach particularly concerning for national security operations.

Get Free Ultimate SOC Requirements Checklist Before you build, buy, or switch your SOC for 2025 - Download Now