United States. The hackers compromised a Federal Bureau of Investigation (FBI) email system on Saturday, Nov. 13, and sent tens of thousands of messages warning of a possible cyberattack, according to the agency and security specialists.
The latest update on this novelty published on the FBI's official site explains: "The FBI is aware of an incorrect software configuration that temporarily allowed an actor to take advantage of the Enterprise Law Enforcement Portal (LEEP) to send fake emails. LEEP is the FBI's IT infrastructure that is used to communicate with our state and local law enforcement partners. While the illegitimate email originated from a server operated by the FBI, that server was dedicated to sending notifications for LEEP and was not part of the FBI's corporate email service. No actor was able to access or compromise any data or PII on the FBI network. Once we learned of the incident, we quickly remedied the software vulnerability, warned partners to ignore fake emails, and confirmed the integrity of our networks."
The fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement.
Although the hardware affected by the incident "quickly disconnected upon discovering the problem," the FBI said, "this is an ongoing situation."
The hackers sent tens of thousands of emails warning of a possible cyberattack, threat-tracking organization Spamhaus Project said on its Twitter account.
A copy of an email posted by Spamhaus on Twitter showed a subject line of "Urgent: Threat Actor in Systems" and appeared to end with an authorization from the Department of Homeland Security.
The FBI is part of the Department of Justice.
Both the FBI and the Infrastructure Security and Cybersecurity Agency are aware of the incident, according to the FBI statement.
Leave your comment