The FBI might have suffered a cyberattack

Security attack
(Image credit: Shutterstock / ozrimoz)

A cyberattacker seems to have breached the network belonging to the Federal Bureau of Investigation (FBI).

According to CNN, citing two sources briefed on the matter, the as-yet unknown threat actor breached a New York Field Office computer system, used by the FBI to investigate cases of child sexual exploitation.

“The FBI is aware of the incident and is working to gain additional information,” the US law enforcement agency said in a statement to the media. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

TechRadar Pro needs you! 

We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

No details

This is not the first time the FBI has had to address a cyberattack in its own network. In late 2021, a threat actor managed to compromise the agency’s email inbox and send out spam messages. 

At the time, BleepingComputer noted that “tens of thousands” of spam messages were sent, in waves, from eims@ic.fbi.gov, and that the messages reached at least 100,000 mailboxes.

However, it noted spam-tracking nonprofit SpamHaus's suggestion that these figures were rather conservative and that the reach was “potentially much, much larger”.

Being a government agency, the FBI faces a constant barrage of cyberattacks. Government organizations are some of the most targeted firms in the world today, together with telecoms firms, healthcare organizations, and the education and learning industry. 

Threat actors can attack these organizations with spam email messages carrying malware in attachments or offering phishing links where victims give away their login credentials and other sensitive information that can be used in the second stage of the attack. 

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.