In a statement to FedScoop the agency said it is aware of the incident and is working to gain additional information.

The agency added: “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

CNN first reported details of the cyber incident, which is understood to have primarily affected the agency’s New York Field Office.

Two sources briefed on the matter told the news organization that the incident involved an FBI computer system used in investigations of images of child sexual exploitation.

The FBI has been compromised in by other cyber incidents in the past couple of years, including a November 2021 cyberattack on its Law Enforcement Enterprise Portal which resulted in fake cyber alert emails being sent on the agency’s behalf.

The FBI said at the time that it took action to remediate the software vulnerability, warned partners to disregard the fake emails and confirmed the integrity of its networks. However, the bureau has yet to publicly name a suspect for that attack.

Speaking with FedScoop, Global Head of Professional Services at BlueVoyant and former FBI Crimes Against Children Coordinator in New York Austin Berglas said it was unlikely the incident would result in the disclosure of classified information.

He said: “The most likely scenario is dirty evidence with a virus from a child pornographer evaded the FBI’s malware detection tools and was uploaded to the forensic network of the FBI in New York.”

Berglas added: “But most importantly, if protocol was being followed then no classified or top secret info was effected by this apparent attack because there’s a strict procedures in place. The classified and top secret information is not connected to the forensic computer network that was affected by the incident.”

Editor’s note, 2/17/22: This story was updated to include comment from Austin Berglas.

The post FBI says cyber incident at New York Field Office ‘contained’ appeared first on FedScoop.

In a statement, the agency said that while the spam emails originated from an FBI-operated server, the server was dedicated only to pushing notifications for LEEP “and was not part of the FBI’s corporate email service.”

Attackers were able to send the fake spam emails because of a software misconfiguration with the Law Enforcement Enterprise Portal.

Thousands of emails were sent late Friday from an FBI address, purporting to warn recipients about an imminent cyberattack. The email domain used was that of the FBI’s Criminal Justice Information Services division, according to cybersecurity expert Brian Krebs.

“The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the LEEP to send fake emails,” the agency said in its statement. “No actor was able to access or compromise any data or PII on the FBI’s network.

The FBI added that after learning of the attack, it took fast action to remediate the software vulnerability, warned partners to disregard the fake emails and confirmed the integrity of its networks.

It is the latest such hack to hit a government agency and comes after an email marketing account used by the U.S. Agency for International Development’s email was compromised earlier this year.

Also, in August, the Department of Justice revealed that a total of 27 U.S. Attorneys’ offices had one or more employees’ Microsoft Office 365 email accounts compromised during the SolarWinds attack in 2020.

The Law Enforcement Enterprise Portal is a platform used by U.S. law enforcement agencies and the intelligence community. It provides web-based investigative tools and analytical resources as well as resources for responding to emergencies such as active shooter incidents.

The post FBI confirms Law Enforcement Enterprise Portal compromise in cyberattack appeared first on FedScoop.