The FBI email hack is a warning to all about email security

The FBI’s email hack is probably a stark reminder that cybercriminals are prepared to launch attacks on any organization.
15 November 2021

When news of an email hack at the Federal Bureau of Investigation (FBI) broke, many were caught by surprise, given the levels of security that would be in place for one of the biggest and most secure law enforcement agencies in the world.

But on Saturday, Nov 13, 2021, the email system sent out tens of thousands of messages warning people of a possible cyberattack. News reports pointed out that the fake emails appeared to have come from a legitimate FBI email address.

Following the reports, the FBI released a statement on the incident from an @ic.fbi.gov email account. The statement highlighted that the impacted hardware was taken offline quickly upon discovery of the issue, and encouraged the public to be cautious of unknown senders and report suspicious activity to them or to the Cybersecurity and Infrastructure Security Agency (CISA).

In a further update, the FBI attributed the email hack to a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with state and local law enforcement partners.

“While the legitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks,” said the statement.

Email hacks are commonplace in enterprises, often caused by malicious content attached to emails that are opened by unsuspecting employees. In fact, an average of three billion phishing emails are sent out daily, each with its own criminal aim.

Perhaps it is not that surprising that this isn’t the first time an email hack has happened to a security agency. Security and law enforcement agencies continue to face the growing risks of cyberattacks as cybercriminals become increasingly daring, knowing that it will be harder for them to get caught when the pursuer’s systems are the ones being hacked.

The FBI has experienced breaches in the past as well, with one of the most recent being in 2019, when a nonprofit organization affiliated with the FBI confirmed that hackers breached the web servers of multiple chapters and published the names and addresses of hundreds of law enforcement personnel and thousands of other people online.

In 2016, hackers took to social media to boast about a data dump that exposed details of 20,000 FBI employees. The released information consisted largely of names, titles, phone numbers, and e-mail addresses. According to the hackers, the stolen information was mined by accessing a Department of Justice database.

While the recent incident at the FBI did not affect any databases, the reality is, cybercriminals are daring enough to launch attacks on security agencies. Interestingly, the hack comes about a few after the FBI disclosed that Iranian hackers are searching cybercriminal websites for sensitive data stolen from the US and foreign organizations.

CNN reported an FBI advisory sent to US companies. It is unclear if any of these companies also received spam emails from hackers over the weekend. The Biden administration has waged a crackdown against ransomware, as criminal groups continue to publish data about their victims to pressure them into paying money to unlock their computers.

The SolarWinds hack remains one of the biggest espionage attacks, with Russian hackers accused of breaching nine US agencies to mine valuable sensitive data from government agencies. Since then, the US has been on high alert for cyberattacks, with the government warning organizations to be vigilant and keep systems updated with the latest security protection.

The reality is, the FBI’s email hack is probably a stark reminder and warning of the issue at hand. If the FBI’s email systems can be compromised, then what about enterprise and personal email accounts?