Slashdot Mirror


FBI E-Mail Server Breached

voma writes "The FBI said Friday it has shut down an e-mail system that it uses to communicate with the public because of a possible security breach. The bureau is investigating whether someone hacked into the www.fbi.gov e-mail system, which is run by a private company, officials said. 'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem."

10 of 223 comments

  1. Request by mingot · · Score: 5, Insightful

    Neal, when you post an article like this the only thing anyone cares about is what OS (and especially if it was Microsoft) got ownz0red. Please try to put this information in the summary. Thank you.

    1. Re:Request by kg4gyt · · Score: 3, Insightful

      It could be Linux, just with a poor pick for a password, or unpatched, or even configured incorrectly. Can't always immediately blame the OS; configuration can be just as large of a problem.

    2. Re:Request by Anonymous Coward · · Score: 3, Insightful

      says it is running Linux.


      It doesn't really. It says it's hosted by Akamai. Which means that the data is unreliable at best. Netcraft is actually detecting the OS and Web server software of Akamai's content serving nodes, which are most likely completely different from the FBI's actual servers.

      See this FAQ item from Netcraft for more information.

    3. Re:Request by Anonymous Coward · · Score: 1, Insightful

      What does the web site link have to do with the underlying mail infrastructure? Netcraft ain't going to tell you jack.

    4. Re:Request by John+Whitley · · Score: 2, Insightful

      A well configured, well patched Windows machine (especially a server) isn't going to be very vulnerable.

      That's true as long as you say directly vulnerable. However, in any IT shop you also need to consider indirect vulnerabilities. E.g. the server itself may be secure, but someone's got to administer that system periodically. How secure are the system(s) used by the admins, or other systems on the network? All an attacker needs are some common user apps w/ holes on *some* systems that connect to the open internet (e.g. email, web browsers). With such a foothold established, the internal network and systems become subject to further analysis and attack. Small steps until the target is attained...

      In short, a well set-up server is like having good basic household security: locks on doors and properly secured windows. These methods are useful, but simply won't stop a determined attacker.

  2. No sensitive information? Re-think that by flinxmeister · · Score: 4, Insightful

    I have worked with FBI agents on a few things, and I can't imagine this email server didn't have sensitive info flow through it.

    I'm sure it's FBI policy to avoid it, but it's like a bank...how many people do you think send account numbers, SSNs, etc. to a bank via email? Do you think most people are going to see "fbi.gov" and not think it's safe to email them?

    Regardless of what they say, IF this server was compromised, I bet the attacker saw all sorts of interesting things. It's not their fault, but it's probably more serious than they are letting on.

  3. How long is this line going to hold? by PMuse · · Score: 2, Insightful

    'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent ... Lazarus said ...

    We'll be seeing the first article any time now about classified material having been sent over this server. Someone start a pool.

    --
    "We reject as false the choice between our safety and our ideals." --The American President (20.1.2009)

  4. Risk of compromise is low by Jack+Taylor · · Score: 2, Insightful

    According to the BetaNews article, officials said the actual risk of a system compromise was fairly low. So the question is, what did the sysadmin see that prompted him to shut the system down?

    --
    One good turn - gets all the covers.

  5. This Story is Surprising... Why? by Greyfox · · Score: 2, Insightful

    I mean look at the recent news. Not like they employ the brightest IT grapes in the bunch. I guess the NSA is snapping up all of those guys. Notice how whenever you hear about some government agency fucking up an IT project, it's never the NSA? So we know where all of the good IT talent in the government is...

    I guess I shouldn't hit below the belt like that but I'm still pissed off about millions of my dollars (And they were all MY dollars thptt!) being wasted on Virtual Case File. I bet some corrupt individuals got really, really rich off that project, too...

    --
    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  6. "Breached"? How? And to what extent? by Ars+Dilbert · · Score: 2, Insightful

    An "E-mail system used to communicate with the public" sounds like an Internet-facing SMTP gateway. I can't be sure, obviously, but that's the most likely type of system that got "breached". The really juicy stuff, the e-mail servers that host the mailboxes, would be on the internal network, and much better protected against hacks.

    If an SMTP gateway was supposedly "breached", what could that entail? Somebody was able to relay through the server? Wooo, big deal! There are like a bazillion open relays out there. Or someone installed a trojan that allowed them to intercept the SMTP traffic? Again, it is not a big deal. The e-mail messages were sent to the public, and SMTP traffic being sent to the outside mail servers isn't encrypted or secure in any way anyhow. It can be intercepted, and e-mail can be read, at any upstream router.

    This has been blown out of proportion, IMO.