Cyber-attack targets FBI

Hackers compromised a Federal Bureau of Investigation (FBI) email system over the weekend and sent tens of thousands of messages warning of a possible cyberattack, according to the agency and security specialists.

The FBI, which is part of the US Department of Justice, said fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov.

According to US media reports, more than 100,000 emails were sent out.

Although the hardware impacted by the incident “was taken offline quickly upon discovery of the issue,” the FBI said, “this is an ongoing situation.”

Both the FBI and Cybersecurity and Infrastructure Security Agency are aware of the incident, the FBI statement said.

The agency said the affected hardware was quickly taken offline after the issue was detected and warned the public to be “cautious of unknown senders” and to report suspicious activity to the government.

It is not yet clear whether the emails were sent by an individual with cleared access to the FBI servers or if hackers were involved.

The FBI is the lead federal agency for investigating cyber-attacks and intrusions. It collects and shares intelligence and engages with victims while working to unmask those committing malicious cyber activities.

The latest incident comes as the FBI recently warned that ransomware groups are targeting companies involved in “significant, time-sensitive financial events,” such as mergers and acquisitions, in an effort to coerce victims into paying their ransom demands.

In in advisory note, the FBI said that cybercriminals often try to find non-public information when targeting companies involved in major financial events, which cybercriminals can threaten to publish if they don’t pay the ransom demand.

“During the initial reconnaissance phase, cyber criminals identify non-publicly available information, which they threaten to release or use as leverage during the extortion to entice victims to comply with ransom demands. Impending events that could affect a victim’s stock value, such as announcements, mergers, and acquisitions, encourage ransomware actors to target a network or adjust their timeline for extortion where access is established,” the FBI said.

“If victims do not pay a ransom quickly, ransomware actors will threaten to disclose this information publicly, causing potential investor backlash.”

“Impending events that could affect a victim’s stock value, such as announcements, mergers, and acquisitions, encourage ransomware actors to target a network or adjust their timeline for extortion where access is established,” the advisory said.

The FBI said it has identified several cases of ransomware groups using information on an ongoing merger or acquisition negotiation to put pressure on organizations to pay up.

Follow us on twitter: @risksEmerging

Twitter feed is not available at the moment.
SHARE: