Unidentified hackers have breached a major intelligence website used by the CIA and other agencies to submit details of sensitive contracts. The incident was confirmed by the National Reconnaissance Office (NRO), the spy satellite service that runs the site. The website in question belongs to the Acquisition Research Center (ARC), an initiative of the US government's Acquisition Center of Excellence. The ARC's online interface is designed for private sector companies who want to register as government vendors in the national security space.
The breach targeted proprietary intellectual property and personal information submitted on the Acquisition Research Center website in support of several innovative CIA spying programs. An NRO spokesman confirmed that an incident involving their unclassified Acquisition Research Center website is currently being investigated by federal law enforcement. The NRO's notice said the compromise so far does not appear to involve classified information but rather losses as a result of unauthorized access to proprietary and personally identifiable information.
Sources familiar with the investigation confirmed that data from Digital Hammer, one of the CIA's most sensitive technology development programs, was among the information accessed by the hackers. Digital Hammer is a program that compiles cutting-edge technologies for human intelligence gathering, surveillance, and counterintelligence operations, with a particular focus on countering Chinese intelligence operations. Some experts believe the nature of the attack points to a state actor. Mr. Eads, founder of Data Abyss, stated, "Given the sensitivity and exclusivity of the Digital Hammer program, this compromise almost certainly points to a state-sponsored actor, likely China."
The full extent of the breach at the NRO is not fully known, but according to people familiar with the activity, hackers likely obtained information on key technologies for CIA operations. Other potential areas of compromise could include the Space Force and its efforts to build surveillance satellites and space weapons, and the Golden Dome missile defense program. The NRO has sent notices to several companies affected by the breach and is working with law enforcement to ensure the full details of the compromise are identified and appropriate countermeasures are taken.