The Federal Bureau of Investigation (FBI) has labelled a recent cyberattack on its surveillance systems a “major incident”. The intrusion was first detected in February this year and targeted systems used for wiretaps and investigations. According to a police notice viewed by Blomberg, an inquiry into abnormal activity on the compromised network was opened on February 17. “In response to the incident, the Department initiated the establishment of a working group dedicated to enhancing cyber resilience and improving cyber incident response processes,” the notice said as quoted by the publication. The affected network, as per the inquiry, contained highly sensitive information, including personal data and surveillance records. As per the report, the notice said that “the affected system contains sensitive law enforcement information, including data from electronic surveillance and personal identification information on subjects of bureau investigations”.
What “major incident” classification of the cyberattack means
Officials concluded on March 23 that the intrusion represented a “major incident” under a 2014 law requiring agencies and their contractors to implement security measures to protect government computer systems. The Bloomberg report states that under the Federal Information Security Modernization Act and subsequent guidance from the White House budget office, a “major incident” is defined as any network breach that’s likely to cause demonstrable harm to national security and other US interests. The definition also applies to incidents where significant amounts of personally identifiable information is exposed.The FBI and Justice Department have launched a criminal investigation into the breach.
Group behind the attack yet to be identified
Authorities have yet not identified the group behind the attack. The Justice Department and FBI said they had not yet “determined the scope or impact of the incident” but promised further updates.“The threat actor’s techniques identified to date appear sophisticated,” the agencies told lawmakers in the earlier notice. “These techniques include leveraging a commercial Internet Service Provider vendor’s infrastructure to exploit FBI network security controls.”
