The Federal Bureau of Investigation (FBI) has initiated an investigation into a recent cyberattack it reportedly suffered. According to people familiar with the matter, the FBI network targeted in the attack is used to investigate images of child sexual exploitation.
In its response to CNN which first reported the attack, the FBI called the hit job an isolated incident and said it had been contained. However, that’s all that the federal law enforcement agency told CNN, adding that it is working to gauge the scope of the cyberattack.
“The FBI is aware of the incident and is working to gain additional information,” the FBI told CNN. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
It is unclear who was behind the attack or exactly what type of attack the agency suffered. What’s known is that the computer system and network used in investigating child sexual exploitation cases at the FBI New York Field Office was impacted.
Given that the FBI is one of the premier law enforcement agencies with jurisdiction across the U.S., it is one of the prime targets for cybercriminals. However, there is little incentive for threat actors to go at loggerheads with the FBI unless the payoff is significantly huge.
See More: Cyberattack Cripples Florida Hospital’s Emergency Treatment Ability
In this particular case, one of the more high-profile field offices was targeted.
This breach of @FBI’s networks is extremely concerning, and Chairman @SenGaryPeters is pressing for answers on how it was allowed and any impacts it has had.
This attack is another example of why Congress must strengthen the federal government’s cybersecurity defenses.
— Homeland Security & Govt. Affairs Committee — Dems (@HSGAC) February 17, 2023
The FBI’s previous cybersecurity incidents include the November 2021 attack wherein the agencies’ email servers were hacked to send spam emails. In total, the threat actors managed to spam 100,000 mailboxes with emails sent from the FBI’s Law Enforcement Enterprise Portal (LEEP) domain name and Internet address eims@ic.fbi.gov.
While the November 2021 attack was believed to be propagated by pompompurin, who leveraged insecure code in an FBI online portal designed to share information with other law enforcement (state and local) authorities, it remains to be seen how the latest attack came about.
Let us know if you enjoyed reading this news on LinkedIn, Twitter, or Facebook. We would love to hear from you!
Image source: Shutterstock
