Facepalm: US FBI Systems Are Pwned And Sending Fake Cyberattack Emails
After midnight this morning, threat intelligence group Spamhaus reported that "scary" fake emails were being sent from the FBI and Department of Homeland Security's infrastructure. These emails, such as the one pictured below, generally contained worrisome cybersecurity mumbo-jumbo in a plaintext format that looked more like a text document than an email from a government agency.
With this, Spamhaus believes that these emails are a "combination scare-ware (get people to shut things down or make changes in a hurry), and a character assassination against the guy named in it, AND a way to make the FBI scramble." Though the poor grammar and odd formatting should have been a tip-off that the message was fake, it quite likely tricked some people into action. Kevin Beaumont, cybersecurity reporter and researcher, briefly explained a likely scenario on Twitter, stating, "Your CISO and leadership team aren't online. Incident response kicks in, RIP those on call getting the call about FBI attack notification at 2am." This sort of chaos could lead to failures or overreactions in the chain of command, causing further problems for a company that received the threatening emails.
Amusingly, Brian Krebs of KrebsOnSecurity also received one of these emails. His copy was rather larger, and he was able to capture its header information as well. Regardless, it seems these emails are nothing to be worried about, even though they are coming from US federal email infrastructure. Hopefully, the FBI will shut down this bothersome intrusion shortly, if it has not already. Moreover, perhaps this could be treated as a good live-fire drill to help incident response in the future.