The FBI is an intelligence-driven and threat-focused national security organization with both intelligence and law enforcement responsibilities. As the principal investigative arm of the U.S. Department of Justice and a full member of the U.S. Intelligence Community, the FBI has the authority and responsibility to investigate specific crimes assigned to it.
The FBI also gathers, shares, and analyzes intelligence, both to support its own investigations and those of its partners and to better understand and combat the security threats facing the United States. Imagine if the agency that is supposed to protect the nation and its people from threat is also not spared from a cyber attack?
Yes, it has recently come to light that hackers managed to compromise the Federal Bureau of Investigation’s (FBI) external email system on 13 November 2021. The FBI’s email system was hacked to send out fake cybersecurity warning to tens of thousands of emails. This was revealed by Spamhaus Project, a nonprofit organization that investigates spam and related cyber threats. The FBI said it, along with the Cybersecurity and Infrastructure Security Agency, is “aware of the incident involving fake emails from an @ic.fbi.gov email account.”
The Straits Times reported that the FBI had responded in a statement “This is an ongoing situation and we are not able to provide any additional information at this time.”
It further stated that the FBI has multiple email systems, and the one that appears to have been hacked on Saturday is a public-facing one that agents and employees can use to email the public, according to Austin Berglas, head of professional services at the cybersecurity company BlueVoyant.
There’s a separate email system, agents are required to use when transmitting classified information, he said. “This is not the classified system that was compromised,” said Berglas, who is also a former assistant special agent in charge of the FBI’s New York office cyber branch. “This is an externally facing account that is used to share and communicate unclassified information.”
The attacks started at midnight Saturday in New York with a subsequent campaign beginning at 2am, according to Spamhaus. The emails came with the subject line: “Urgent: threat actor in systems.”
The message was signed by the US Department of Homeland Security and warned recipients that the threat actor appeared to be cybersecurity expert Vinny Troia, who last year penned an investigation of the hacking group The Dark Overlord. Speculation is rife that the hackers could have been attempting to smear Troia.
Read the full article here.
The attack on a federal agency isn’t an isolated incident. From 2020, many countries have reported a surge in cyber attacks on government agencies and other critical sectors such as healthcare, finance, and energy amongst others.
As cyber criminals are upping their game by intensifying their attacks on individuals as well as government agencies, it is clear that the onus is on us as Internet users to practice cyber hygiene and to have a more resilient cyber security infrastructure.
Image source : FBI Press Room