The FBI’s jurisdiction and its digital presence have intersected in an embarrassing and highly damaging manner. Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies. Hundreds of gigabytes worth of data have been stolen, the hackers claim, and they are using the hack as a protest for the #FreePalestine movement.
Motherboard first reported on the hack, and corroborated at least some of the claims:
A hacker, who wishes to remain anonymous, plans to dump the apparent names, job titles, email addresses and phone numbers of over 20,000 supposed Federal Bureau of Investigation (FBI) employees, as well as over 9,000 alleged Department of Homeland Security (DHS) employees, Motherboard has learned.
The hacker also claims to have downloaded hundreds of gigabytes of data from a Department of Justice (DOJ) computer, although that data has not been published.
On Sunday, Motherboard obtained the supposedly soon-to-be-leaked data and called a large selection of random numbers in both the DHS and FBI databases. Many of the calls went through to their respective voicemail boxes, and the names for their supposed owners matched with those in the database. At one point, Motherboard reached the operations center of the FBI, according to the person on the other end.
One alleged FBI intelligence analyst did pick up the phone, and identified herself as the same name as listed in the database. A DHS employee did the same, but did not feel comfortable confirming his job title, he said.
IBT noted the declared motivation of the hacktivists:
The hacker, who attached a note to the leaked cache that said “this is for Palestine, Ramallah, West Bank, Gaza, this is for the child that is searching for an answer”, claimed to have attained the information via a Department of Justice (DoJ) computer. It is suspected that hundreds of gigabytes of data was stolen in the hack. …
Meanwhile, a Twitter account under the handle @DotGovs appears to be host to the hackers responsible for the breach. On the profile, which has stated publicly that it has multiple admins, the hackers threatened to expose a separate set of up to 20,000 credentials from the FBI – however this data has not yet been published.
The hackers specifically threatened to release the names of FBI agents serving abroad, a move that appears intended to put their lives in danger. However, DoJ spokesperson Peter Carr denies that any of the information stolen would identify specific agents and locations. In fact, the DoJ isn’t quite sure a crime has taken place, or at least they aren’t quite admitting it yet:
Peter Carr, a spokesman for the Department of Justice, said it did not think the hackers had managed to release “sensitive, personally-identifiable information”, and that if it discovered criminal activity it would press charges.
“The department is looking into the unauthorised access of a system operated by one of its components containing employee contact information,” he told The Telegraph.
“This unauthorised access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information.
“The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation.”
What kind of unauthorized penetration of these systems would not be criminal? That language might be even more curious, under the circumstances. The hack may be months old, according to Newsweek, via The Inquisitr:
An FBI source told Newsweek that some FBI employees were notified in May that their files had been accessed by hackers during the massive year-long breach of OPM’s database.
More than 36,000 people currently work for the FBI, and while it remains unclear how many of them were affected by the alleged hack, the cyber security breach by the unnamed hacker can have “mind-boggling” effects, according to the sources, because there can be several classified data [sic].
Perhaps this is a separate attack from the one in May, but if so, that makes it even worse. Besides, these agencies supposedly began hardening their data security after the OPM hack got exposed in June of last year. If this penetration took place before federal officials took notice of the China-based penetration of the federal employee and security clearance databases, then it raises questions about who else might have been able to grab that highly sensitive information. If it took place afterward — and there seems to be little reason for hacktivists to keep quiet about this information for as long as eight months or more — then it raises even more questions about the response to the massive security breach last year.
The FBI will need to get to the bottom of this hack quickly. And Congress should start demanding answers on cybersecurity from an administration that has lectured the private sector on this issue endlessly but seems incapable of taking its own advice.