The Federal Bureau of Investigation has concluded that last month’s breach of the networks it uses to manage wiretaps and other surveillance work qualifies as a “major incident,” signaling the severity of an intrusion that had already prompted the agency to launch a criminal probe and move to toughen cybersecurity.
An inquiry into abnormal activity on the compromised network was opened on Feb. 17, according to a notice to Congress from the Justice Department that was reviewed by Bloomberg News. The affected system contains sensitive law enforcement information, including data from electronic surveillance and personal identification information on subjects of bureau investigations, according to the notice.
Senior officials at the Justice Department determined on March 23 that the intrusion represented a “major incident” under a 2014 law requiring agencies and their contractors to implement security measures to protect government computer systems, according to the notification. FBI and Justice officials are conducting forensic examinations of the breach, along with other remedial efforts, it said.
“In response to the incident, the Department initiated the establishment of a working group dedicated to enhancing cyber resilience and improving cyber incident response processes,” the notice said. The Department asked recipients to keep the document confidential.
Under the Federal Information Security Modernization Act and subsequent guidance from the White House budget office, a “major incident” is defined as any network breach that’s likely to cause demonstrable harm to national security and other US interests. The definition also applies to episodes that expose significant amounts of personally identifiable information.
An FBI spokesperson didn’t immediately offer any comment on the breach. Politico reported earlier on the notice to Congress.
The notice didn’t say who investigators think might be responsible for entering the FBI networks without authorization, nor did it describe the extent of the breach, including what data specifically might have been compromised.
Lawmakers were initially informed of the breach in a brief notice in early March that was also seen by Bloomberg News. At the time, the Justice Department and FBI said they had not yet “determined the scope or impact of the incident” but promised further updates.
“The threat actor’s techniques identified to date appear sophisticated,” the agencies told lawmakers in the earlier notice. “These techniques include leveraging a commercial Internet Service Provider vendor’s infrastructure to exploit FBI network security controls.”
Photo: The seal of the Federal Bureau of Investigation on the office building in Washington. Photographer: Tierney L. Cross/Bloomberg
Was this article valuable?
Here are more articles you may enjoy.
Tennessee Approves Smallest Drop in Workers’ Compensation Costs in Years 
Taylor Swift Sued for Trademark Infringement Over ‘Life of a Showgirl’ 
Iran’s Grip on Hormuz Is Tighter Than Ever After a Month of War 
Florida Man Faked Brain Injury for Years in Attempt to Gain $6M in Insurance 
