
A month ago, CNN reported that suspicious activity had been detected on an FBI surveillance network.
The FBI has identified a suspected cybersecurity incident on a sensitive network used to manage wiretaps and intelligence surveillance warrants, and officials are working to determine the seriousness of the incident, according to an FBI statement and a source familiar with the investigation.
“The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond,” the bureau said in a statement to CNN on Thursday, declining to elaborate.
A source familiar with the investigation told CNN the cybersecurity incident is related to a digital system the bureau uses to manage wiretapping and foreign intelligence surveillance warrants as part of investigations.
Later that same day, the Wall Street Journal reported that China was suspected of being behind the intrusion.
U.S. investigators believe hackers affiliated with the Chinese government are responsible for a cyber intrusion on an internal Federal Bureau of Investigation computer network that holds information related to some domestic surveillance orders, according to people familiar with the matter.
The scope and severity of the intrusion are not known, and the investigation is in its early stages, the people said. Any preliminary conclusions could change as investigators gather more information.
If China is confirmed to be responsible for the breach, it would signal the latest intrusion by Beijing’s hackers of computer systems related to law-enforcement surveillance orders, which contain highly sensitive material.
As you can see, investigators still weren’t certain how serious the new breach was at the time. But yesterday we got an update on that and it was not good news.
The FBI last week deemed a recent China-linked cyber intrusion into a sensitive agency surveillance system a “major incident,” meaning it poses significant risks to U.S. national security, according to one congressional aide and two U.S. officials with knowledge of the matter…
The FBI determined the intrusion meets the definition of a major incident under a federal data security statute known as FISMA, said the three people. Congress was informed of the decision earlier this week, according to the aide…
The determination suggests the hackers successfully compromised swathes of sensitive data stored directly on FBI systems, likely marking a major counterintelligence coup for China. FISMA requires agencies to tell lawmakers within seven days about any digital intrusion it has determined is “likely to result in demonstrable harm” to U.S. national security…
Under guidelines set by FISMA, an intrusion can meet the major incident threshold if it involves the exfiltration or compromise of personally identifiable data, or presents acute risks to the national security, foreign relations, public confidence or civil liberties of Americans.
The FBI hasn’t declared a “major incident” hack of its systems since at least 2020, so this was a significant one. But which threshold caused this hack to meet that designation? It could be any of the reasons listed in the paragraph above. Fox News is reporting that the hack may involve a threat to national security.
Fox News is told that China is the culprit and that the breach could pose a threat to national security. The hack involved FBI systems in the Virgin Islands, not FBI headquarters.
It’s not clear if this is a continuation of the Salt Typhoon hacks that China has been engaged in for several years. Those hacks focused mostly on telecom companies around the globe.
Salt Typhoon is behind one of the broadest hacking campaigns in recent years, targeting some of the world’s largest phone and internet companies and stealing tens of millions of phone records about senior government officials…
The hacks allowed China to obtain call records, text messages, and captured phone audio from senior U.S. officials, many of whom were considered government targets of interest. This prompted the FBI to urge Americans to switch to end-to-end encrypted messaging apps, fearing that a foreign adversary could eavesdrop on their communications.
Salt Typhoon went even further, hacking at least 200 companies around the world, according to FBI officials. The list of affected countries keeps growing.
China remains our most persistent source of trouble in many ways and has been hacking our systems daily for years now. But they aren’t immune to having their own systems hacked. Two weeks ago, someone posted a massive set of data from a Chinese supercomputing center for sale on the dark web.
Hackers claim to have breached a major Chinese state-run computing facility and obtained up to 10 petabytes of sensitive data, including materials related to weapons testing and military simulations.
According to NetAskari, the data allegedly originates from the National Supercomputing Center in Tianjin, a key infrastructure site used for advanced scientific and defense-related calculations.
No doubt we’ve done some of our own hacking of China’s key systems, but news about that doesn’t end up in the papers.
















