Last week, the Federal Bureau of Investigation (FBI) confirmed that an attacker was able to access one of its email servers and send thousands of fake emails from it. The emails were spammed to at least 100,000 people and falsely warned recipients that they had fallen victim to a cyberattack.
The FBI Statement on Incident Involving Fake Emails, which was updated on November 14, 2021, reads:
The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.
KrebsOnSecurity was contacted by the alleged perpetrator of the spam attack, who told them, “I could’ve 1000% used this to send more legit looking emails, trick companies into handing over data etc.” The hacker claimed to have done it to expose flaws in the FBI’s system. It also appears that the attacker attempted to defame, or at least troll, cybersecurity researcher Vinny Troia, who was named in the fake emails as the “threat actor.”
There are a few things we can learn from the incident: