Key point: An IBM whistleblower testifies to years of cover-up of cyberattacks on US federal infrastructure by IBM and AT&T to secure government contracts, including APT-10 attacks with compromised systems in 20 countries.
William Barlow, a security expert at IBM until 2019, accuses his former employer and AT&T of concealing successful cyberattacks on federal infrastructure for years and deceiving the US government about the security situation in order to retain billion-dollar contracts. The lawsuit, filed under the False Claims Act, was sealed since 2020 and was only published after the Department of Justice rejected it.
The affected infrastructure is not standard corporate IT: IBM operates a cloud infrastructure that parts of the US federal administration access, including the military. AT&T is responsible for central network elements of this system. According to the lawsuit, these systems were attacked over years without the companies identifying the attackers in many cases or determining the extent of data breaches. Barlow attributes this to missing access protocols at IBM.
Part of the attacks described are said to be attributable to the Chinese group APT 10. The US Department of Justice indicted alleged members in 2018 after approximately 100,000 data of US Navy personnel were stolen — according to Barlow, via IBM’s infrastructure. Internal investigations identified thousands of indicators of APT-10 activity between 2013 and 2016, later hundreds of compromised accounts and systems in almost 20 countries. Intelligence officials questioned Barlow about this, but he was instructed not to provide further information.