A hack on the FBI email portal for law enforcement sent fake emails warning of a made-up cyberattack.
The FBI has blamed a “software misconfiguration” for a hack of its emailing system that saw at least 100,000 emails sent out through its domain on Friday (12 November).
The security flaw allowed an unidentified hacker to access the Law Enforcement Enterprise Portal (LEEP), the FBI’s mass emailing system used to communicate with state and local law enforcement, and send fake emails.
The contents of the emails, released by European spam intelligence group Spamhaus, appear to accuse cybersecurity expert and professional hacker Vinny Troia of conducting a hack.
We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake.
— Spamhaus (@spamhaus) November 13, 2021
While the fake emails were sent out from the FBI’s official LEEP server with the domain @ic.fbi.gov, the FBI said that this server was dedicated to sending notifications to law enforcement partners and not part of the larger FBI corporate email service.
“[The fake emails] are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure,” Spamhaus said in a tweet.
No data compromised
The FBI confirmed that the hacker was not able to access or compromise any data or personally identifiable information on the FBI network.
“Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks,” the FBI said in an updated statement on its website.
“The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov.”
In July, US company Kaseya was the victim of a ransomware attack that affected around 1,500 businesses and organisations. The attack sent ripples internationally, impacting a grocery store chain in Sweden, organisations in the UK, and a kindergarten group in New Zealand.
This incident followed a major cyberattack on Ireland’s Health Service Executive earlier this year that crippled its IT systems and left services without access to electronic health records for months.