Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Massive Data Breach Exposes Intel’s Intellectual Property for Its Flagship CPUs and SpaceX Sensors

Wednesday, August 19, 2020

Categories: ASCF News Cyber Security

Comments: 0

The largest chipmaker in the United States is investigating a data breach that leaked 20 GB of confidential and restricted data. A Swiss software engineer, Till Kottmann, shared the data on the file-sharing site, MEGA, under the title “Intel exconfidential Lake Platform Release.” The leaked intellectual property contained the design of various chipsets which was under strict NDA protection.  The information released included technical specifications, product guides, and manuals for Intel CPUs. The engineer received the data from an anonymous hacker via one of his Telegram channels, where he publishes data from various exploits. A few weeks ago, Kottmann released source code files of over 50 high-profile companies, including Disney and Microsoft. Intel released a statement denying being hacked and blaming the incident on a rogue user. Kottman said more data with “juicier” details were on the way.

Nature of intellectual property exposed

The data breach did not contain any sensitive personal information on Intel’s clients or workers. However, it contained technical designs for various Intel chipset platforms such as Kaby Lake and Tiger CPUs. The data breach also exposed source code belonging to third-parties, such as SpaceX sensors developed by Intel. Products affected by the data breach include:

Kabylake BIOS Reference Code, including sample code + initialization code.SpaceX Camera drivers for Intel.Sources and bootloader for Intel Consumer Electronics Firmware Development KitFirmware Support Package for various platforms.Development and Debugging Tools for IntelRocket Lake S Simics simulationsIntel Trace Hub + decoder files for various Intel ME versionsPlatform sample code and reference for “Elkhart Lake” siliconVerilog code for Xeon platformsVarious platform builds of Debug BIOS/TXEDebug BIOS/TXE builds for various PlatformsBootguard SDKIntel Snowridge and Snowfish Process Simulator ADKVarious guides, tooling, and samples for Intel ME BringupDocumentation, tools, and semantics for the Tiger Lake platform.Intel marketing material templates made using InDesignVery horrible Kabylake FDK training videos

Intel disputes that it was hacked and blames the data breach on a rogue user with access rights. The company alleged that an authorized person accessed its Resource and Design Center, downloaded the code, and shared it with Kottmann.

Intel stores confidential, technical, intellectual property protected information on the web portal for business partners integrating its products. The users accessing Intel’s intellectual property have NDAs with the company to protect the code from unauthorized shares.

Erich Kron, a Security Awareness Advocate at KnowBe4, says that protecting intellectual property could be challenging when third parties are involved.

“While this appears to be an issue related to a third party, it does underline the security concerns around intellectual property when working with business partners both up and down the supply chain. There is always a risk when sharing potentially sensitive information to these business partners. However, this is often an unavoidable part of doing business.”

Among the companies accessing Intel’s intellectual property was the Chinese firm, Centerm Information Co. Ltd. The Trump administration has accused Chinese firms of stealing US trade secrets and intellectual property. Allowing the company to access Intel’s intellectual property would raise eyebrows on Intel’s business activities and compliance with Trump’s trade policy towards China.

Most companies prioritize the protection of identifiable personal information (PII) while doing little to protect intellectual property, according to Kron.

“This intellectual property can be very valuable to potential competitors, and even nation-states, who often hope to capitalize on the research and development done by others.”

The exposure of the data affects not only Intel but also its clients such as SpaceX. It also undermines the security of Intel’s new chipsets even before they hit the market. For example, some of the products impacted by the data breach, such as Tiger CPU platforms, are yet to be released. Others, such as Ice Lake Xeon and Cooper Lake CPUs, are yet to become common in the market.

Disputes over cause of data breach

Intel believes that an individual with access downloaded and shared this data.

“We are investigating this situation. The information appears to come from the Intel Resource and Design Center which hosts information for use by our customers, partners, and other external parties who have registered for access,” Intel’s statement read in part.

The documents obtained had links to the portal, thus strengthening Intel’s claims that the leak was deliberate.

Chris Clements, the VP of Solutions Architecture at Cerberus Sentinel, supports Intel’s claims.

“It’s unusual that the leaker has released the information publicly with no confirmed ransom demands that we are aware of. It’s possible that the information compromised was available to authorized Intel partners via the Intel Resource and Design Center, as Intel has so far claimed. If that is the case, it would explain why they couldn’t extort Intel to prevent the release or find another buyer for Intel’s internal information.”

However, the hacker who shared the code says he obtained it from an unsecured server hosted on the Akamai CDN. He discovered the server using the Nmap port-scanning tool and executed a python script to discover files and folders with permissive folder permissions and default passwords.

The source of the leak says anybody who could guess the name of the folders could access them. Once discovered, the folders allowed the hacker to navigate to the root, list, and navigate to child folders. An intruder could also impersonate an authenticated user and register a user account, according to the source.

The data breach exposed Intel’s abysmal security practices. Most of the leaked zipped archives had no passwords or had simple passcodes such as intel123 or Intel123. The leaked materials also mentioned “backdoors” in the Intel source code. The term was found twice on Intel’s Purefresh Xeon CPU’s chipset. Other references mention “voltage failures” without specifying whether it affects chips already in the market or those under development.

Kottmann shared the link on Twitter, and his account has since been suspended for publicizing the data breach.

Photo and Link: https://www.cpomagazine.com/cyber-security/massive-data-breach-exposes-intels-intellectual-property-for-its-flagship-cpus-and-spacex-sensors/?utm_source=ActiveCampaign&utm_medium=email&utm_content=US+Government+Agencies+Issue+Alert+Over+Taidoor+Malware+Attack+in+Chinese+Cyber+Espionage+Campaigns&utm_campaign=Weekly+Highlights

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.