OpenAI contract with U.S. Cyber Command went unnoticed amid degradation of transparency and veracity of U.S. procurement database
Viewing disclosure of OpenAI's $3.5 million USCYBERCOM contract requires a Login.gov account with Sam.gov, and artificial subawards remain injected through 'Cloudy_Day' identity exploit.
The San Francisco-based artificial intelligence company OpenAI’s largest public payout from the U.S. federal government has effectively gone unnoticed despite coming from the cyberwarfare branch of the Pentagon previously led by board member Paul M. Nakasone in his joint capacity as director of the National Security Agency and commander of U.S. Cyber Command.
OpenAI’s contract with U.S. Cyber Command was active at the time of the company’s March 2 press release regarding domestic surveillance, which stated that, “The Department [of War] also affirmed that our services will not be used by Department of War intelligence agencies like the NSA.”
Two previously unreported, but privately ethically disclosed, artificial subawards to OpenAI also remain published in official U.S. Government procurement databases following their injection by the cybersecurity researcher Ronald Lovelace (‘Cloudy_Day’), whom the Department of Energy has publicly credited as someone who has “responsibly disclosed valid vulnerabilities.” Lovelace’s previous methodology involved finding an exploit in a Department of Energy portal which allowed him to send emails tagged as from an official energy.gov address.
“I’ve called for a full audit of the entire procurement system,” Lovelace told All-Source Intelligence, noting that the injected $1 subawards could just have easily been for any amount. “Anybody malicious, they would mask it, it would be to a small tribal community or a small church,” Lovelace further stated, noting that he reported his findings to the Office of the Inspector General of the General Services Administration in the middle of last year.
The only human-generated discussion of OpenAI’s $3.5 million contract providing “AI platform training” to U.S. Cyber Command appears to have been published on Microsoft’s professional networking platform LinkedIn by the New York City-based procurement analysis company Procure.FYI, which lamented one week ago that:
Most of the conversation about OpenAI and Anthropic's government work focuses on the political drama. The supply chain risk designation. The Pentagon showdown. The dueling blog posts.
The contract’s payout has been roughly 75% larger than the $2 million obligated as part of the “frontier AI” contract OpenAI signed with the Pentagon’s Chief Digital and Artificial Intelligence Officer (CDAO) in mid-June, despite widespread claims of its $200 million value.
U.S. Cyber Command was quickly revealed to have conducted preparatory cyberattacks against Iranian communications infrastructure as one of the ‘first movers’ for the joint American and Israeli war of aggression against Iran which began on February 28, known as Operation Epic Fury. U.S. Senator Raphael Warnock (D-GA) on Monday called for a bipartisan investigation into the U.S. military’s mass killing of young Iranian children at the Shajareh Tayyebeh elementary school in Minab through a “deadly Tomahawk missile strike.”
The U.S. military targeting system for Epic Fury has operated on the Maven Smart System run by the Miami-based enterprise data analytics firm Palantir Technologies, whose ever-controversial co-founder and chairman Peter Thiel was a founding donor to OpenAI. But Large Language Model support for Maven during Epic Fury was instead provided by OpenAI’s fellow San Francisco-based competitor, Anthropic, and a detailed analysis of the technology stack was reported by The Guardian on Thursday, citing CNN’s conclusion that the Defense Intelligence Agency’s outdated classification of the elementary school as a military target was at least partly to blame for the atrocity.
Media attention has heavily focused on the Trump administration’s contested declaration of Anthropic as a supply-chain risk following the company’s insistence on contractual assurances preventing its software from being used for either domestic mass surveillance — especially under the auspices of data-broker-enabled Commercially Available Intelligence (CAI) — or for autonomous killing. But the Financial Times reported on March 20 that Anthropic’s yearly revenue projection had “shot from $9bn at the end of 2025 to $19bn earlier this month, according to an investor,” indicating that the company’s feud with the Trump administration and provision of infrastructure support for the kidnapping of Venezuelan president Nicolas Maduro and ongoing bombing of Iran has not imposed a financial burden.
The intense attention paid by the Nebraska-based wiretapping technology company PenLink to training its customers on how to gain access to Google Search histories of investigatory targets further suggests that commercial Large Language Model usage by platforms such as ChatGPT and Claude will become similarly central to police and intelligence agency interception. Anthropic CEO Dario Amodei declared on February 26 that, “We support the use of AI for lawful foreign intelligence and counterintelligence missions.”
As first revealed by this publication, Anthropic has collaborated with the Central Intelligence Agency and the Australian Office of National Intelligence since at least late 2023 and hired former Palantir employee Steve Sloss as the company’s point person for pitching U.S. intelligence agencies, including for military targeting.
OpenAI did not respond to a request for comment regarding its ethical boundaries for U.S. wiretap requests against non-Americans or on whether the company took steps to mitigate real-or-perceived conflict of interest regarding recruitment of former U.S. Cyber Command chief Paul Nakasone prior to landing a $3.5 million contract with U.S. Cyber Command.
The crumbling public transparency for Other Transaction Agreements
The lack of public reporting on OpenAI’s contract with U.S. Cyber Command is at least partly due to the arcane rules governing publication of a category of financial awards heavily favored for the Pentagon’s artificial intelligence work, known as Other Transaction Agreements (OTAs), which are exempt from disclosure on USASpending.gov due to residing outside of the Federal Acquisition Regulation (FAR). Further notable OTAs have included OpenAI and its competitor Anthropic’s “frontier AI” awards with the Pentagon and Microsoft’s ill-fated $22 billion ceiling augmented reality goggles effort, known as the Integrated Visual Augmentation System (IVAS).
The Federal Procurement Data System-Next Generation (FPDS-NG) hosted at FPDS.gov was the primary public disclosure mechanism for more than $100 billion in military artificial intelligence contracts until the current Trump administration quickly began phasing out anonymous access to its content — as first reported by this publication — with the main website beginning its redirection to SAM.gov in late February.
Contrary to public reporting of the complete shutdown of FPDS, the back-end API has continued functioning as of publication, and the General Services Administration’s Office of the Inspector General ceased responding to the author’s inquiries on the new Sam.gov system’s requirement of a Login.gov account and newly imposed significant throttles on API access last month. The GSA OIG further did not respond to a recent request for comment regarding the Cloudy_Day subaward injection exploit.
The injection of artificial subawards into official U.S. procurement databases is not without precedent. Several years ago the author discovered a clearly fraudulent listing on USASpending.gov of a supposed $1 billion subaward from Palantir Technologies to itself, with a subaward description naming a homeless shelter and the contributor of the fake data, who confirmed their role to the author when reached by phone, as well as their past role as a contracting officer. (The spurious subaward was later removed from the official database.)
“All of our financial grant money is at risk,” stated the cybersecurity researcher Ronald Lovelace.