FBI’s cybersecurity infosharing partnership breached, hacker selling details for $50,000

Share - Shperndaje

A hacker is attempting to sell a database containing the personal information of more than 88,000 members of InfraGard, an FBI-affiliated organization that helps the bureau partner with security experts in the private sector.

The data, as first reported by cybersecurity reporter Brian Krebs, first appeared on a notorious hacking forum on Saturday and is currently being sold for $50,000. The cache is said to mostly contain the names of InfraGard members as well as a small number of email addresses. An even smaller number of entries include a date of birth and Social Security Number.

InfraGard, according to the mission statement on its website, aims “to promote ongoing dialogue and timely communication between members and the FBI specifically concerning the security of, vulnerabilities in, and threats to critical infrastructure entities.”

The list of names contains what Krebs describes as “a vetted Who’s Who of key people” working in both cyber and physical security at “drinking water and power utilities, communications and financial services firms, transportation and manufacturing companies, healthcare providers, and nuclear energy firms.”

The hacker, who goes by the name USDoD, says they were able to gain access to the database after applying for membership to InfraGard in November using the personal details of the head of a major U.S. financial corporation. Shockingly, the phony application was accepted less than a month later.

Although Krebs says he contacted the FBI prior to publication, the hacker still retained access to the InfraGard system as of Tuesday. On Wednesday, the FBI confirmed to Krebs that it was aware of reports regarding the hacker’s alleged access.

“This is an ongoing situation, and we are not able to provide any additional information at this time,” the FBI said.

The hacker, as revealed by screenshots from InfraGard’s internal portal, has already begun using the fake account to build relationships with high-profile members. Such activity could be used for further malicious activity in the future.

In a statement to the Daily Dot, Dr. Ilia Kolochenko, Adjunct Professor of Cybersecurity & Cyber Law at Capitol Technology University, warned that such a breach could potentially lead to “devastating consequences.”

“Organized cybercrime groups will readily pay $50,000 to get sensitive personal details of cyber investigators and law enforcement officers to launch sophisticated phishing attacks and impersonation campaigns, trying to get privileged access to other highly sensitive resources or governmental databases by reusing stolen information,” she said.

It currently remains unclear whether the data has been sold. The hacker noted in their post that the data would be sold “one time only.”

Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.

Source: https://www.dailydot.com/debug/hacker-selling-infragard-fbi-data-88000/

Share - Shperndaje