


Unidentified hackers recently compromised a major intelligence website used by the CIA and other agencies for submitting details of sensitive contracts, according to the National Reconnaissance Office, the spy satellite service that runs the site.
The breach targeted proprietary intellectual property and personal information submitted on the Acquisition Research Center website in support of several innovative CIA spying programs.
Disclosure of the intelligence website hack comes as Microsoft revealed this week that the Department of Energy’s National Nuclear Security Administration, a major nuclear weapons agency, was compromised by Chinese state hackers.
An NRO spokesman told The Washington Times: “We can confirm that an incident involving our unclassified Acquisition Research Center website is currently being investigated by federal law enforcement. We do not comment on ongoing investigations.”
The extent of the breach at the NRO is not fully known, but according to people familiar with the activity, hackers likely obtained information on key technologies for CIA operations.
Other potential areas of compromise could include the Space Force and its efforts to build surveillance satellites and space weapons, and the Golden Dome missile defense program.
Data from one highly sensitive program, called Digital Hammer, was compromised, according to people familiar with the hacking.
Digital Hammer is a program to compile cutting-edge technologies for human intelligence gathering, surveillance and counterintelligence operations. The program is focused on the threat posed by Chinese intelligence and information operations.
Portions of many Digital Hammer programs are unclassified. But others that are submitted to the NRO acquisition center are classified and involve capabilities essential to covert operations and strategic intelligence collection.
Digital Hammer is a closely guarded program that is working to develop open-source intelligence platforms and analytics, and items such as miniaturized sensors and hidden surveillance tools.
Other programs seek to develop acoustic and communications systems, artificial intelligence-powered data collection, analysis and behavior prediction tools.
Countersurveillance and signature reduction technologies also are part of the program.
Lori Ann Duvall-Jones, CIA deputy director of the Office of Acquisition Management, said in a 2023 speech that Digital Hammer is a contracting vehicle that allows vendors to present offerings “within a CIA space.”
The program allows the CIA to assess new capabilities and consider how to apply them to a mission set in an innovative way, she said.
Critics say using the unclassified Acquisition Research Center for contracts created security vulnerabilities that hackers exploited.
The CIA states on its website that the NRO-run Acquisition Research Center is “the industry’s unclassified and classified access point for acquisition information, new business opportunities, and outreach activity involvement.”
The center is used by the CIA as an access point for market research, for identifying business solutions and communicating with industry.
Companies seeking to do business with the CIA first register with the acquisition center and then explain core competencies.
Once registered, companies can use the center for solicitations, capabilities briefings, sharing innovative ideas and “identifying sub-prime opportunities.”
A CIA spokesman had no immediate comment on the breach.
L.J. Eads, a former Air Force intelligence officer, said China would gain much from obtaining intellectual property on Digital Hammer — especially technologies designed in partnership with, or directly for, the intelligence community.
“This wasn’t a breach of opportunity,” said Mr. Eads, founder of Data Abyss. “Given the sensitivity and exclusivity of the Digital Hammer program, this compromise almost certainly points to a state-sponsored actor, likely China.
“When proprietary innovations intended for CIA-backed programs are exfiltrated, it’s not just a vendor issue but a serious national security breach,” he said.
NRO recently uncovered that the unclassified portion of the Acquisition Research Center was compromised and sent notices to several companies affected. The security breach impacts a number of acquisitions supported by the center among several government agencies.
The NRO notice said the compromise so far does not appear to involve classified information, but does involve losses due to unauthorized access to proprietary information and personally identifiable information.
The agency is working to make sure the full details of the compromise are identified and appropriate countermeasures taken to prevent further losses.
NRO Director Christopher Scolese said during a speech last summer that his agency is expanding its satellite and building innovative capabilities to counter China and Russia.
Mr. Scolese said Russia poses a very focused and capable space threat to U.S. intelligence, surveillance, and reconnaissance capabilities.
However, the threat from China is more diversified, he said.
“Russia is pushing into more disruptive capabilities of space,” he told a security conference.
U.S. officials said Moscow is developing a space-based nuclear anti-satellite weapon.
“China, however, represents a different threat,” Mr. Scolese said. “They are a very capable country, technologically smart, and they’re economically strong. They’re developing capabilities across the spectrum of systems and they are competing with us. We have right now the strongest capability and we have the best ISR, but China is coming on strong. It represents an additional threat to what we’re doing.”
NRO is working to advance its capabilities in space and on the ground to become faster, more agile and more resilient, he said.
“That complicates the calculus of anybody who wants to do us harm,” Mr. Scolese said.
On the National Nuclear Security Administration breach, Microsoft said the large-scale cyberattack involved Chinese hackers who exploited a Microsoft SharePoint zero-day vulnerability on Friday. The hackers were able to penetrate the NNSA network.
The agency so far has been unable to determine if sensitive or classified information from that network was stolen by the hackers.
The NNSA is the agency in charge of maintaining and building U.S. nuclear weapons for the Pentagon.
“As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint servers,” the company said in a security blog post Tuesday.
“In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities to deploy ransomware.”
• Bill Gertz can be reached at bgertz@washingtontimes.com.