Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Cyber Attacks Hacking of the US InfraGard Critical Infrastructure Intelligence Portal
Cyber Attacks Databases FBI InfraGard KrebsonSecurity

Hacking of the US InfraGard Critical Infrastructure Intelligence Portal

Approximately 80,000 contacts from the private sector are being offered for sale on a cybercrime forum.
Saturday, December 17, 2022

 


One of the FBI's central databases had been hacked by a hacker. It appears to have been caused by a crucial security lapse on the part of the bureau, resulting in the possible theft of sensitive information. 

It has been reported by KrebsonSecurity that InfraGard has been used by hackers as a social media intelligence hub for high-profile people. 

An imperative aspect of the FBI's InfraGard program is that it links "critical infrastructure owners and operators with the FBI to provide education, information sharing, networking, and training regarding emerging threats and technologies." To put it simply, it is a database of people who are highly visible and who are concerned about security.  

A database with contact information for over 80,000 InfraGard members was listed on the Breached cybercrime forum for the cost of $50,000. It gives you access to the contact information of thousands of InfraGard members. 

A Python script from a friend was used to query the InfraGard API and obtain all of the user data after USDoD completed the sign-up process using email verification and then ran it to gather all of the data.  

One of the most concerning aspects of this data theft is that the FBI appears not to have conducted any security checks at all. The people's identities that were used to create this account have confirmed that they had never been contacted by the FBI before the account was approved. Although when the identities of people were used for this purpose. 

There has also been confirmation from the FBI to Krebs that they are aware of the possibility of a false account associated with the InfraGard system. They also stated that, currently, they are unfit to provide any additional information regarding the situation.  

A spokesperson for the USDA admitted that the $50,000 price tag placed on the databases was too high. As a result, it is imperative to make sure it is enforceable to allow for price negotiation if someone shows interest in purchasing it. While the InfraGard account is still active, there is nothing to stop hackers from contacting these high-profile figures at any time during the investigation. 
Tags: Cyber Attacks Databases FBI InfraGard KrebsonSecurity
Share it:

Cyber Attacks

Databases

FBI

InfraGard

KrebsonSecurity