The largest chipmaker in the United States is investigating a knowledge breach that has resulted in the disclosure of 20 GB of confidential and limited knowledge. A Swiss software engineer, Till Kottmann, shared knowledge about the file-sharing site, MEGA, under the name “Intel exconfidential Lake Platform Release”. The high-level assets revealed contained the design of various chipsets that were under the strict coverage of the NDA. The published data included technical specifications, product guides, and manuals for Intel processors. The engineer gained knowledge from an anonymous hacker through one of his Telegram channels, where he publishes knowledge of various exploits. A few weeks ago, Kottmann released the source code files from more than 50 leading companies, adding Disney and Microsoft. Intel issued a denial that it had been hacked and attributed the incident to a dishonest user. Kottman said more knowledge was on the way with more “juicy” main points.
The knowledge gap did not involve any sensitive non-public data about Intel consumers or employees. However, it involved technical designs for Intel chipset platforms such as Kathrough Lake and Tiger processors. The knowledge gap also exposed third-party proprietary source code, such as SpaceX sensors evolved through Intel. Products affected by knowledge violation include:
Intel denies that it has hacked and attributes the breach of knowledge to a malicious user with access rights. The company alleged that a legal user had accessed its resource and design center, downloaded the code, and shared it with Kottmann.
Intel distributes sensitive, technical, and high-level asset data on the Internet portal of the business partners that make up its products. Users accessing Intel’s high-level assets have NOA with the company unauthorized sharing code.
Erich Kron, a security awareness advocate at KnowBe4, says high-level asset coverage can be complicated when third parties are involved.
“While this appears to be a third-component issue, it highlights security issues related to high-level assets when running with upstream and downstream commercial components of the source chain. There is a threat to sharing potentially sensitive data with these business components. However, this is occasionally an integral component of commercial activities “.
Among the corporations with access to Intel’s intellectual assets, the Chinese company Centerm Information Co. Ltd. Trump’s management has accused Chinese corporations of stealing secrets from American industry and intellectual assets. Allowing the company to access Intel’s high-level assets would draw attention to Intel’s business activities and respect for Trump’s industry policy toward China.
Most corporations prioritize personally identifiable information (PII) while doing little to intellectual property, according to Kron.
“These high-level assets can be very valuable to potential competitors, and even to state countries, who hope to capitalize on studies and progress through others.”
Data exposure affects not only Intel, but also its consumers, such as SpaceX. It also undermines the security of Intel’s new chipsets even before they enter the market. For example, some of the products affected by the knowledge gap, such as The Tiger’s CPU platforms, have not yet been released. Others, such as Ice Lake Xeon and Cooper Lake processors, do not yet have a common place on the market.
Intel believes that with access you have downloaded and shared this data.
“We are investigating this situation. The data appears to come from Intel’s Design and Resource Center, which hosts data for use through our customers, partners, and other external parties who have registered for access,” Intel said in part.
The documents received contained links to the portal, reinforcing Intel’s claims that the leak was deliberate.
Chris Clements, Vice President of Response Architecture at Cerberus Sentinel, supports Intel’s claims.
“It is rare for the user to make the data public without any ransom request to be shown to our knowledge. It is imaginable that the data committed has been made for Intel’s legal partners to have through Intel’s Design and Resource Center, as Intel has done so far,” he said. If this is the case, this would explain why they cannot extort Intel from saving the publication to it or to locate some other customer for Intel’s internal data.”
However, the hacker who shared the code says he received it from an unsecured server hosted on Akamai CDN. He discovered that the server was the Nmap port search tool and ran a Python script to discover files and folders with permissive folder permissions and default passwords.
The source of the leak indicates that those who can guess the names of the files can access them. Once discovered, the files allowed the hacker to access the root, list and files of the children. An intruder can also impersonate an authenticated user and log in to a user account, depending on the source.
The knowledge gap revealed Intel’s lousy security practices. Most filtered compressed files did not have passwords or had undeniable access codes such as intel123 or Intel123. Filtered documents also refer to “backdoors” in Intel’s source code. The term was discovered twice on the Intel Purefresh Xeon processor chipset. Other references mention “voltage failures” without specifying whether they relate to chips that are already on the market or those that are in development.
Kottmann shared the link on Twitter and since then his account has been suspended for making public the breach of knowledge.