FBI Email System Compromised In Cyberattack

Exploit: Business Email Compromise, Account Takeover
Company: Federal Bureau of Investigation (FBI)
Industry: Federal Government, Agency
Source: https://www.washingtonpost.com/nation/2021/11/14/fbi-hack-email-cyberattack/

Tens of thousands of fraudulent emails were sent from a compromised email account belonging to the US Federal Bureau of Investigation. After successfully taking over the account, the threat actor(s) spammed thousands of people by faking an impending cyberattack alert. Many well-known celebrities and journalists were on the recipient list including Jay-Z and Brian Krebs.

FBI officials reported that the fraudulent emails originated from an FBI-operated server dedicated to pushing notifications externally for their Law Enforcement Enterprise Portal (LEEP). In their statement, officials clarified that the compromised system is not part of the FBI’s internal corporate email system stating, “No actor was able to access or compromise any data or (personally identifiable information) on FBI’s network.”

While the cyberattack has caused quite a stir, early speculation suggests the cyberattack may have been part of a hacktivist initiative or simply an act of highlighting and exposing a vulnerability rather than exploiting it. With no malicious attachments or links, the cyberattack appears to lack the characteristics of those with a more nefarious intention.

Fortunately, the disruptive cyberattack on the FBI’s system looks like it could have been more consequential than it was. While we wait for more details to unfold, the bureau continues to take action and said they have already, “remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of (their) networks.”