[ISN] FBI Computers: You Don't Have Mail

InfoSec News isn at c4i.org
Mon Feb 7 08:37:50 EST 2005


By Michael Isikoff and Mark Hosenball
February 14th 2005 issue 

The FBI's computer woes got even worse last week when bureau officials
were forced to shut down a commercial e-mail network used by
supervisors, agents and others to communicate with the public.  The
reason, sources tell NEWSWEEK, was an apparent "cyberintrusion" by an
outside hacker who officials fear had been tapping into supposedly
secure e-mail messages since late last year. FBI spokesmen publicly
sought to downplay the damage, saying the compromised commercial
server - maintained by AT&T - was used exclusively for unclassified
and "nonsensitive" communications that did not involve ongoing
investigations. One example, they said, was notices from
public-affairs offices' fbi.gov addresses to members of the press. But
privately, officials were highly concerned - and recently notified the
White House. One top FBI official says he regularly used his shut-down
fbi.gov e-mail account to send messages to state and local police
chiefs. Another source tells Newsweek that more than 3,000 old and
current e-mail accounts were shut down. Others say the same apparently
compromised server also provided accounts to other government
agencies. Justice Department officials, who launched their own
cybercrime investigation into the apparent intrusion, noted that there
was no telling the potential damage at this point, given the common
tendency for everybody to say too much - including making references
to law-enforcement "sensitive" cases - even in theoretically routine
e-mails. "This is an eye-opener for all of us," says one FBI official.
The bigger question, sources say, was how the hackers penetrated the
bureau's e-mails - and why it took the FBI so long to notify the rest
of the government. The FBI e-mail system was erected with firewalls
that were supposed to prevent even sophisticated hackers from
penetrating.  But while officials stressed there was no evidence that
the apparent intruder or intruders were part of any terrorist or
foreign intelligence organization, the authorities were still baffled
as to how they got into the system. According to sources familiar with
the investigation, one suspicion is that hackers either used
sophisticated "password cracking" software that tries out millions of
password combinations or somehow eavesdropped on Internet
transmissions. Over the weekend, NEWSWEEK has learned, the Department
of Homeland Security posted a computer-security alert to agencies
throughout the federal government urging e-mail users to be more
careful about choosing their passwords by avoiding obvious clues -
like nicknames, initials, children's names, birth dates, pet names or
brands of car. "Such information can be easily obtained and used to
crack your password," the bulletin states.

The e-mail compromise couldn't have come at a worse time for the
bureau. Just last week, the Justice Department inspector-general
released a report sharply criticizing the FBI's management of its new
Virtual Case File computer system - a $170 million software upgrade
that bureau officials now concede they may have to scrap. The VCF
system was supposed to make it much easier for agents to
electronically access vital information relating to ongoing cases in
different FBI offices. But the I.G. found that poor planning and
ineffective management have resulted in a system that is nearly
unworkable. FBI chief Robert Mueller, who sources say has personally
briefed President George W. Bush on the matter, took responsibility
"at least in part" for the fiasco before a Senate subcommittee. "No
one is more frustrated and disappointed than I," he said.
