- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
FBI “Contains” Cyber-Incident on its Network
The FBI has released a brief statement about a recent cyber-incident that occurred at one of its highest profile field offices, claiming it is now under control.
Sources briefed on the matter told CNN that a malicious incident impacted part of its network used in investigations of images of child sexual exploitation.
“The FBI is aware of the incident and is working to gain additional information,” the Feds said in a statement sent to the news network. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
It remains to be seen what type of attack this was and where it came from.
However, it’s not the first time the bureau has been targeted. In 2021, an official email address was reportedly compromised and used to spam at least 100,000 recipients. One intercepted message apparently cited the DHS Cybersecurity and Infrastructure Security Agency (CISA) and claimed the recipients were on the receiving end of a major cyber-attack.
Later, the FBI confirmed that hackers had taken advantage of a misconfiguration in an IT system it used to communicate with state and local law enforcement partners: the Law Enforcement Enterprise Portal (LEEP).
Austin Berglas, global head of professional services at BlueVoyant is a former assistant special agent in charge of the FBI’s New York Office Cyber Branch.
He explained that investigations into crimes against children frequently involve the collection and analysis of digital evidence.
“Once evidence is obtained or seized through consent or legal process, the digital media (mobile phones, computers, and external storage devices) is provided to a member of the FBI’s Computer Analysis Response Team (CART) – certified special agents and forensic examiners,” he continued.
“All digital evidence is scanned for malware or malicious files prior to processing on computers with specialized forensic software used to extract information contained on the devices. These forensic computers are stand-alone and are not connected to any internal, classified system.”
This means that, even if a new malware variant made its way from a seized device onto a forensic computer, it would be contained to the examination network, Berglas said.
“The potential for that malware to spread and infect other investigative matters on the CART network is real, but, in order to preserve the original evidence, forensic examiners produce working copies for analysis and review,” he concluded.