Authorities in the United States are looking into a potential cyberattack against a system that the FBI uses for wiretap and foreign intelligence surveillance orders. The attack has everyone asking the same uneasy question: if the FBI’s own surveillance tools aren’t safe, what is? These are the very systems agents lean on to crack criminal cases and track national security threats. And now they’re in the crosshairs.
The FBI has reported that hackers have potentially accessed portions of the FBI’s internal database; early reports indicate that the attempted hacker may have accessed the system the FBI utilizes to process both wiretap and foreign intelligence surveillance warrants. Right now, the FBI is racing to answer two questions: how did the bad guys get in, and did they actually walk away with anything? Until they know for sure, no one’s breathing easy.
According to cybersecurity experts, incidents such as this demonstrate the growing risks against governmental entities from cyberattacks, as hackers are increasingly likely to target systems associated with intelligence gathering and surveillance operations.
Hack may have targeted the system used for surveillance warrants
CNN was the first to report the suspected breach. According to the report, hackers may have breached an FBI database packed with sensitive records (wiretap authorizations, foreign intelligence orders, you name it). A nightmare scenario, if the intel turns out to be real.
The FBI’s internal system for managing wiretap requests is a critical part of assisting investigators in establishing and monitoring the electronic communications that a court approves for use in criminal/terrorism investigations. Law enforcement agencies depend on such systems to retrieve phone calls, messages, and other digital interactions.
The FBI’s Digital Collection System Network, an example of the above-described system, enables agents to monitor and intercept telecommunications via wiretap devices in the U.S. Once they obtain proper legal authority, agents can conduct real-time monitoring of telecommunications.
Considering that these systems contain significant amounts of sensitive investigative information, any unauthorized access may pose serious challenges to the US national security. Here’s what makes this really unsettling: FBI officials admit they’re still in the dark. They don’t know which system got hit, what leaked, or if hackers grabbed active secrets. Just a lot of unknowns (and a very bad day for officials).
Growing concerns over cyberattacks on government networks
The potential breach on the FBI system occurred following the rising trend of cyberattacks on government infrastructures across the globe. Intelligence and law enforcement agencies have become prime targets of cyberattacks due to the sensitive data and information they maintain.
According to security researchers, hackers may attempt to determine how surveillance mechanisms function to help them evade detection in the future. Even minimal access to those tools may disclose the methodologies the agencies utilize to gather evidence, as well as possible weaknesses of these systems.
But law enforcement isn’t just sitting back. Take last year’s coordinated takedown: Europol and the FBI took action against the Safe-Inet VPN service for helping cybercriminals hide their tracks. The VPN marketed itself as “unbreakable” and refused to hand over logs, essentially giving hackers a free pass to launch ransomware and account theft. Shutting it down sent a message: even the shadows have limits.
The past few years have seen multiple cyber espionage campaigns targeting infrastructure associated with the U.S. telecommunications and intelligence organizations. There have been several instances of cyberattacks launched from foreign state-sponsored hacking organizations for the purpose of acquiring strategic intelligence.
For example, there have been reports that an alleged state-sponsored Chinese hacking group known as Salt Typhoon had breached several U.S. telecommunications providers such as AT&T and Verizon, in an attempt to gain access to materials related to surveillance.
Some industry experts see this as a data grab, not destruction. At least for now. But information in the wrong hands has a way of coming back to bite you. Hard.
Investigation ongoing as officials assess impact
As of now, investigators continue their analysis on the potential extent of the suspected compromise – there is no official confirmation from law enforcement as to whether or not any of the hackers have accessed or compromised any type of confidential material due to such unauthorized entry.
Law enforcement is assessing system logs and activity to find evidence of entry points the alleged intruders used, and if they possibly moved from one system to another. In conjunction, cyber defense personnel have also commenced actions to enhance the agency’s overall security posture and defense against future unauthorized access.
Investigations of this type typically require a high degree of caution from respective government entities, especially when sensitive intelligence tools are the targets.
Typically, after the initial investigation begins and the government determines any potential national security issues, there are strict limits on how much the government can disclose publicly.
Currently, the FBI has yet to provide a public release of information concerning the breach, nor have they identified the perpetrators of the breach; however, as the investigation continues, the FBI may release additional information about the events surrounding the incident.
The breach eliminates any thought that cyberattacks can occur only at the local level and further confirms how even governmental data systems are at risk of sophisticated hackers.
As digital technologies continue to evolve and become more innovative and complex in nature, law enforcement and national security will continue to face an increasing amount of pressure in protecting essential technologies applicable to surveillance and intelligence operations.
