The FBI has confirmed that an unnamed actor was able to gain access to the FBI’s Law Enforcement Enterprise Portal (LEEP) to send emails about a fake cyberattack to thousands of recipients.
LEEP is an IT infrastructure used by the FBI to communicate with its state and local law enforcement partners.
The email looked like this:
The headers of the email can be seen below, as well as its sending IP address: 188.8.131.52 (mx-east-ic.fbi.gov).
“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network,” the FBI said in the statement.
“Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.”
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he holds the CISSP, CISA, CISM, ITIL, COBIT and PRINCE2 certifications, but his wide set of knowledge and technical management capabilities goes beyond these certifications. He likes acquiring new skills in penetration testing, cloud technologies, virtualization, network security, IoT and many more.