Intel data breach: Confidential schematics & source codes leaked online

Thanks to Switzerland-based IT consultant Tillie Kottmann, we now know that Intel suffered a major data breach earlier this year that resulted in 20GB of confidential technical data, such as source code, schematics, and product documentation, falling into the hands of unknown hackers.

News about the massive breach was revealed by Tillie Kottmann on Twitter earlier today. In a series of tweets, she leaked the breached Intel data, stating that the hacking attack was carried out by an “Anonymous Source” who shared the stolen data with her.

As per Kottmann, the 20GB data repository contained the following information:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kaby Lake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kaby Lake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Boot Guard SDK (encrypted zip)
  • Intel Snow Ridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)
  • Lots of other things

“This is the first 20gb release in a series of large Intel leaks. Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” Kottmann said, indicating that hackers may have managed to steal much more technical data than Intel is letting on. Following news about the data breach, Intel issued the following statement:

“We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”

The Intel Resource and Design Center is access-restricted and registered users are provided access to Intel-confidential documentation and tools, free product samples and testing services, pre-release product information, and an opportunity to interact with the developer community.

Commenting on the breach suffered by Intel, Erich Kron, Security Awareness Advocate at KnowBe4, says that while this appears to be an issue related to a third party, it does underline the security concerns around intellectual property when working with business partners both up and down the supply chain. There is always a risk when sharing potentially sensitive information with these business partners; however, this is often an unavoidable part of doing business.

“Whenever providing intellectual property access to another organisation or individual, it is important to log not only who has access, but when and what data they are accessing. Even better, as in this case with Intel, ensuring that you know where the documents have been shared by potentially marking the document itself, can be very valuable when hunting potential misuse as appears to have occurred here,” he adds.

Copyright Lyonsdown Limited 2021
