
FBI E-Mail Server Breached

Posted by CowboyNeal
from the breaking-and-reading dept.
voma writes "The FBI said Friday it has shut down an e-mail system that it uses to communicate with the public because of a possible security breach. The bureau is investigating whether someone hacked into the www.fbi.gov e-mail system, which is run by a private company, officials said. 'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem."

  • by Anonymous Coward on Friday February 04, 2005 @04:36PM (#11575896)
    From: rmueller@fbi.gov
    To: anonymouscoward@slashdot.org
    Subject: The FBI can help you!

    CONFIDENTIAL INFORMATION YOU WANT TO KNOW.

    This is the agency they want banned from the INTERNET!

    "The Federal Bureau of Investigations" shows you how to get the facts on anyone using our files.

    LOCATE MISSING PERSONS, find lost relatives, obtain addresses and phone numbers of old school friends, even skip trace dead beat spouses. This is not a Private Investigator, but a GOVERNMENT agency DESIGNED to automatically CRACK YOUR CASE with links to thousands of our secret files.

    Find out SECRETS about your relatives, friends, enemies, and everyone else! -- even your spouse! With the New - "FBI"

    You will be AMAZED at what you can discover:

    LICENSE PLATE NUMBER - Get anyone's name and address with just a license plate number! (Find that girl you met in traffic!)

    DRIVING RECORD - Get anyone's driving record!

    SOCIAL SECURITY NUMBER - Trace anyone by social security number!

    ADDRESS - Get anyone's address with just a name!

    UNLISTED PHONE NUMBERS - Get anyone's phone number with just a name- even unlisted numbers!

    LOCATE - Long lost friends, relatives, a past lover who broke your heart!

    E-MAIL - Send anyone anonymous e-mail that's completely untraceable!

    DIRTY SECRETS - Discover dirty secrets your in-laws don't want you to know!

    INVESTIGATE ANYONE - Use the sources that private investigators use (all on the Internet) secretly!

    EX-SPOUSE - Learn how to get information on an ex-spouse that will help you win in court! (Dig up old skeletons)

    CRIMINAL SEARCH - BACKGROUND CHECK - Find out about your daughter's boyfriend! (or her husband)

    FIND OUT - If you are being investigated!

    NEIGHBORS - Learn all about your mysterious neighbors! Find out what they have to hide!

    PEOPLE YOU WORK WITH - Be astonished by what you'll learn about the people you work with!

    EDUCATION VERIFICATION - Did he really graduate college? Find out!

    "The FBI" will help you discover ANYTHING about anyone, with clickable hyperlinks and no typing in Internet addresses! Just download the software and go! You will be shocked and amazed by the secrets that can be discovered about absolutely everyone! Find out the secrets they don't want you to know! About others, about yourself!

    LIMITED TIME OFFER -- ORDER TODAY! ONLY $20 (US)

    You can access the "FBI" NOW so you can begin discovering all the secrets you ever wanted to know! You can know EVERYTHING about ANYONE with "The FBI".

    - Works with all Internet Explorer browsers and all versions of AOL
    - Windows Versions available Only!

    DON'T WAIT TO GET STARTED? It's as easy as 1, 2, 3. ORDER TODAY - While this agency is still legal!
  • Request (Score:5, Insightful)

    by mingot (665080) on Friday February 04, 2005 @04:36PM (#11575900)
    Neal, when you post an article like this the only thing anyone cares about is what OS (and especially if it was microsoft) got ownz0red. Please try to put this information in the summary. Thank you.
    • That piece of their e-mail operations was run by AT&T. Or, was that SBC? It's all a blur...
    • by Anonymous Coward
      Neal, when you post an article like this the only thing anyone cares about is what OS (and especially if it was microsoft) got ownz0red. Please try to put this information in the summary. Thank you.

      It may have been non-Microsoft, hence censored.
    • Re:Request (Score:2, Funny)

      by LurkerXXX (667952)
      The 'editors' here don't even read their own site to prevent dupe stories. Now you think they are going to actually read the article posted, and also do background research for it?

      Dream on.

    • Re:Request (Score:3, Insightful)

      by kg4gyt (799019)
      It could be Linux, just with a poor pick for a password, or unpatched, or even configured incorrectly. Can't always immediately blame the OS, configuration can be just as large of a problem.
      • 1 2 3 4

        Isn't that a good password?
        I use it on my luggage too.

      • If only this same attitude was applied to "A WINDOWS MACHINE WAS HACKED!" articles.
        • Re:Request (Score:3, Interesting)

          by BlueTooth (102363)
          THANK YOU! I'm not a MS fanboy or anything, but this is a very good point. A well configured, well patched Windows machine (especially a server) isn't going to be very vulnerable. The same can be said of Linux. Further, an unpatched, poorly configured Windows machine will drop dead very quickly, and the same can be said for Linux. You might even argue that a talentless admin would have an _easier_ time securing up a Windows machine (since Server 2003, anyway, where all services shipped off).

          Yes, there
          • Re:Request (Score:3, Interesting)

            by brlancer (666140)
            I'm not a MS fanboy or anything, but this is a very good point. A well configured, well patched Windows machine (especially a server) isn't going to be very vulnerable.

            I call bullshit.

            Will it be a cakewalk to crack? No. Will it be "very vulnerable"? Yes. Why, you ask? Because there are vulnerabilities that are still unpatched years after reports. Many "minor" vulnerabilities are actually stepping stones to administrator privileges; Bugtraq has more than a few posts regarding stringing a half dozen "mino

            • Perhaps my level of success with Windows is an artifact of lowered expectations...not in terms of security, but in terms of what you can do with it and still have it be secure. My Windows machines live behind a couple layers of firewall, and have most services shut off...I relegate the job of serving things to the public Internet to the Linux box (which also makes extensive use of firewalls as a first line of defense).

              IIS, IE, SMB ... these aren't things I would want exposed to the public internet (inciden
          • Yes, I think MS gets more abuse than their software deserves on /.

            Your points are all good except that last one:

            but a lot of this can be attributed to market penetration.

            Consider market penetration of MS IIS vs Apache and consider the number of exploits each has seen.

          • Re:Request (Score:3, Insightful)

            by John Whitley (6067)
            A well configured, well patched Windows machine (especially a server) isn't going to be very vulnerable.

            That's true as long as you say directly vulnerable. However, in any IT shop you also need to consider indirect vulnerabilities. E.g. the server itself may be secure, but someone's got to administer that system periodically. How secure are the system(s) used by the admins, or other systems on the network? All an attacker needs are some common user apps w/ holes on *some* systems that connect to the o
    • Re:Request (Score:4, Funny)

      by say (191220) <sigve@wolfrai[ ].no ['dah' in gap]> on Friday February 04, 2005 @05:02PM (#11576171) Homepage

      But Netcraft confirms it, mail.fbi.gov is dead!

      More seriously, netcraft sez http://www.fbi.gov was running Sun-ONE-Web-Server on Linux when last queried at 4-Feb-2005 18:26:45 GMT. Whatever that is.

    • Re:Request (Score:3, Informative)

      http://uptime.netcraft.com/up/graph?site=www.fbi.gov [netcraft.com]

      says it is running Linux.

      Perhaps that is why Slashdot didn't post the operating system in the summary.

      • Re:Request (Score:3, Insightful)

        by Anonymous Coward

        says it is running Linux.


        It doesn't really. It says it's hosted by Akamai. Which means that the data is unreliable at best. Netcraft is actually detecting the OS and Web server software of Akamai's content serving nodes, which are most likely completely different from the FBI's actual servers.

        See this FAQ item [netcraft.com] from Netcraft for more information.
      • People, why would this mean that their email server is on that same machine? Most likely it is not. What you need to query is

        smtp00.fbi.gov.
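
The point made in the two replies above (a fingerprint of a CDN-fronted web name describes the CDN's edge node, and the mail hosts have to be looked up separately), as an added example that is not part of the original thread. The zone data is constructed, `example.org` and its host names and addresses are placeholders, and the function names are hypothetical.

```python
# Constructed zone data (name -> list of (type, value)). These are NOT real
# DNS answers; example.org stands in for any organisation.
RECORDS = {
    "www.example.org": [("CNAME", "www.example.org.edgesuite.net")],
    "www.example.org.edgesuite.net": [("CNAME", "a33.g.akamai.net")],
    "a33.g.akamai.net": [("A", "192.0.2.10")],
    "example.org": [("MX", "20 smtp01.example.org"),
                    ("MX", "10 smtp00.example.org")],
    "smtp00.example.org": [("A", "198.51.100.25")],
    "smtp01.example.org": [("A", "198.51.100.26")],
}

# Domain suffixes used by Akamai edge hostnames.
CDN_SUFFIXES = (".edgesuite.net", ".akamai.net", ".akamaiedge.net", ".edgekey.net")


def resolve_chain(name, records, max_depth=8):
    """Follow CNAMEs from `name`; return (names visited, final A records)."""
    chain = [name.rstrip(".").lower()]
    for _ in range(max_depth):
        rrset = records.get(chain[-1], [])
        cnames = [v for t, v in rrset if t == "CNAME"]
        if not cnames:
            return chain, sorted(v for t, v in rrset if t == "A")
        target = cnames[0].rstrip(".").lower()
        if target in chain:
            raise ValueError("CNAME loop at " + target)
        chain.append(target)
    raise ValueError("CNAME chain too long")


def cdn_fronted(chain):
    """True if any name the query was redirected to belongs to the CDN."""
    return any(n.endswith(CDN_SUFFIXES) for n in chain[1:])


def mail_hosts(domain, records):
    """MX targets for `domain`, lowest preference value (most preferred) first."""
    mx = []
    for rtype, value in records.get(domain, []):
        if rtype == "MX":
            pref, host = value.split()
            mx.append((int(pref), host.rstrip(".").lower()))
    return [host for _, host in sorted(mx)]


def fingerprint_scope(web_name, domain, records):
    """Report what a banner grab of `web_name` can and cannot describe."""
    chain, web_addrs = resolve_chain(web_name, records)
    mail = {h: resolve_chain(h, records)[1] for h in mail_hosts(domain, records)}
    shared = sorted(h for h, addrs in mail.items() if set(addrs) & set(web_addrs))
    return {
        "web_chain": chain,
        "web_is_cdn_edge": cdn_fronted(chain),
        "mail_hosts": list(mail),
        # Empty list: the web fingerprint says nothing about the mail servers.
        "mail_hosts_sharing_web_ip": shared,
    }


if __name__ == "__main__":
    for key, value in fingerprint_scope("www.example.org", "example.org", RECORDS).items():
        print(key, "=", value)
```
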

  • How? (Score:5, Funny)

    by The Grey Clone (770110) on Friday February 04, 2005 @04:36PM (#11575901) Homepage
    How was this said in an e-mail if their e-mail server was down?
  • by Anonymous Coward
    From netcraft: Linux Sun-ONE-Web-Server/6.1
  • by Tackhead (54550) on Friday February 04, 2005 @04:40PM (#11575953)
    > "We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases," Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem.

    In a followup e-mail describing the problem, Special Agent Laz Steverus said "No sensitive information was compromised, but today is a good time to remind citizens that the FBI is in possession of approximately 22,000,000,000 (TWENTY TWO BILLION DOLLARS) in uncollected judicial judgements from spammers, a portion of which we're trying to return to you folks. Just visit our web site, and read our press release, and it will instruct you in how to help us get this money back to you..."

  • Cool name. (Score:5, Funny)

    by Gulik (179693) on Friday February 04, 2005 @04:40PM (#11575959)
    Man, what I wouldn't give to be "Special Agent Lazarus." Everything you do sounds cool -- I mean, it might be an utterly boring document about e-mail usage, but you still get to call it "the Lazarus Report."
  • by dos4who (564592) <top_mcseNO@SPAMhotmail.com> on Friday February 04, 2005 @04:41PM (#11575964)
    "'We use these accounts to ...view internet sites...".

    I'm sorry, but when I hear a media spokesperson hiccup like that, my bullshit detector sends up an immediate flag. What was this email server really used for???

  • by Anonymous Coward on Friday February 04, 2005 @04:41PM (#11575981)
    The FBI reportedly surrounded the building (after leaving it) and broke down the front door, only after realizing they had the keys. They confiscated the computers and surrounding evidence for further investigation. "It must be an insider doing the hacking, these systems were secure." said agent r0\/ l337zki.
    • The FBI reportedly surrounded the building (after leaving it) and broke down the front door, only after realizing they had the keys.
      So, after realizing they had the keys, they broke down the front door anyway? Yep, sounds like the FBI alright...
  • by teledyne (325332) on Friday February 04, 2005 @04:42PM (#11575984)
    ... the FBI, for a short time, became mysteriously more productive within the span of 12 hours. Some say that their coffee was spiked with a new secret uber-caffeine, while others say a lack of spam in their e-mail boxes allowed them to work more freely.

    Not only that, but personnel over at the Central Intelligence Agency as well as the National Security Agency have also become friendlier. One employee was noted saying, "Thank God! I was so fucking tired of those guys sending me pics of Goatse!"
  • Non Event (Score:5, Informative)

    by I8TheWorm (645702) on Friday February 04, 2005 @04:42PM (#11575992) Journal
    The key phrases are run by a private company and We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases.

    I'm sure, like the NSA, that the FBI has (at least) two networks. One that is internal only for confidential/sensitive communication/files, and one for outside communication such as this one. At the NSA, they are completely separate, with no ability to copy/move files from one to the other.
    • All you need is one floppy disk, or one hard copy.
      • Yes, but no ability to copy/move files from one to the other, at least with regards to the NSA, means no floppies, no USB, etc... Really, meaning no ability at all.
        • ...with regards to the NSA, means no floppies, no USB, etc... Really, meaning no ability at all.

          I'm pretty sure the fine folks at Ft. Meade don't confiscate eyeballs and fingers. But admittedly, if you can't trust your personnel to not deliberately transfer data manually between nets, you might as well fire them all.

  • Oh shoot (Score:4, Funny)

    by SilverspurG (844751) * on Friday February 04, 2005 @04:43PM (#11576002) Homepage Journal
    How was I supposed to know?

    I'm sitting here in the training cubicle. The guy in the cube next to me decides to check his voicemail... ON SPEAKERPHONE. After he dials in his password (for the entire office to hear) I call softly over the cube wall,"I now have your password."

    A tense silence followed, and I could tell that the general perception was "Yeah right--you're just the new guy."

    So I brought up my handy DTMF generator and started replaying his password over and over (at a low volume, but just loud enough so that people in adjacent cubes could hear).

    How was I supposed to know that he had the Admin password for the e-mail server stored in his voicemail?

    At the same time... What sort of dumbass checks their voice mail on speakerphone in public office space?
    • Our phone switch doesn't actually play the DTMF tones; it just gives a short "beep" to let you know you've entered a digit....

      On the other hand, it does show up on the display, though, so I'm sure some of the more creative people could just pick up a random phone, hit redial, and watch the numbers fly by, noting that certain combinations of numbers aren't passwords (3337 skips through a message and erases it) etc.
  • by toocoolforschool (848274) on Friday February 04, 2005 @04:44PM (#11576009)
    Director Mueller wants his email (gunslinger_cute@fbi.gov) back with a vengeance.
  • by flinxmeister (601654) on Friday February 04, 2005 @04:46PM (#11576023) Homepage
    I have worked with FBI agents on a few things, and I can't imagine this email server didn't have sensitive info flow through it.

    I'm sure it's FBI policy to avoid it, but it's like a bank...how many people do you think send account numbers, SSN's, etc. to a bank via email? Do you think most people are going to see "fbi.gov" and not think it's safe to email them?

    Regardless of what they say, IF this server was compromised, I bet the attacker saw all sorts of interesting things. It's not their fault, but it's probably more serious than they are letting on.
    • Too many.

      It's even more surprising to see the number of people who think a bank's domain "kind of looks like their own bank" and go ahead to register for online banking (giving SSN's, addresses, and account numbers) to the wrong bank - often in the wrong country.

    • I'm sure it's FBI policy to avoid it, but it's like a bank...how many people do you think send account numbers, SSN's, etc. to a bank via email?

      And what makes you think we don't monitor for that type of thing? Heaven help the fool who sends sensitive customer information unencrypted out of here. Re-education with a large wooden mallet usually ensues.
  • Or did he? (Score:5, Funny)

    by NMerriam (15122) <NMerriam@artboy.org> on Friday February 04, 2005 @04:46PM (#11576029) Homepage
    Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem.

    Is this some sort of intelligence test? You get an email press release from someone saying the email account they use for press releases isn't reliable?
  • by PMuse (320639) on Friday February 04, 2005 @04:47PM (#11576037)
    'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent ... Lazarus said ...

    We'll be seeing the first article any time now about classified material having been sent over this server. Some one start a pool.
  • hm (Score:2, Funny)

    by EMH_Mark3 (305983)
    Does that mean we need to change our passwords again?

  • According to the BetaNews Article [betanews.com] Officials said the actual risk of a system compromise was fairly low. So the question is, what did the sysadmin see that prompted him to shut the system down?
    • Perhaps the risk of a system compromise? An analogy might be bomb threats - while almost all are made by bored kids looking to stir up trouble, the potential for damage if the threat is real means it's prudent to evacuate the area, call in the bomb squad, and take other preventative measures. Similarly, although the risk of a system compromise is low, it is not a bad idea to take the system offline and make absolutely sure it is safe before any other business is conducted through it.

      In cases like this,

  • Lazarus? Really? Special Agent Jesus? By definition he should be able to resurrect the server and dole out retribution.
  • by b00m3rang (682108) * on Friday February 04, 2005 @04:54PM (#11576112)
    How could someone actually read someone else's email without their permission? Next these crackers will be listening to other people's phone calls. Then what, a knock on the door in the middle of the night?
  • by eno2001 (527078)
    The FBI said Friday it has shut down an e-mail system that it uses to communicate with the public because of a possible security breach. The bureau is investigating whether someone hacked into the www.fbi.gov e-mail system, which is run by a private company, officials said. 'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases,' Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in
  • zerg (Score:5, Funny)

    by Lord Omlette (124579) on Friday February 04, 2005 @05:03PM (#11576179) Homepage
    Out of curiosity, does the FBI have any "normal" agents? Cause if they're all "special" agents, are they really that special?
    • Re:zerg (Score:3, Informative)

      by vanza (125693)
      A guy who used to work with me joined the FBI and got a "special agent" title right away. He also said everybody there was a "special agent", so maybe they just want to feel special.
    • Re:zerg (Score:2, Interesting)

      Out of curiosity, does the FBI have any "normal" agents? Cause if they're all "special" agents, are they really that special?

      It's a way of constraining them. If you ever go to a federal building and see a bunch of people standing around claiming to be the "Federal Police," they're actually titled "special police officers." The reason for this is that no Fed actually has true general police powers. The way the statute is written, they have the powers of "sheriffs and constables" when in the course of som

  • Sending out press releases designed to provoke your suspect is a tried and tested method in law enforcement. What if they had a mission-critical email server that had been hacked but had to stay online no matter what? (Think of secure intelligence channels.) This press release could be to try and prevent him from coming back...

    It would also explain how they were able to send the email ;)
  • by Greyfox (87712) on Friday February 04, 2005 @05:14PM (#11576267) Homepage Journal
    I mean look at the recent news. Not like they employ the brightest IT grapes in the bunch. I guess the NSA is snapping up all of those guys. Notice how whenever you hear about some government agency fucking up an IT project, it's never the NSA? So we know where all of the good IT talent in the government is...

    I guess I shouldn't hit below the belt like that but I'm still pissed off about millions of my dollars (And they were all MY dollars thptt!) being wasted on Virtual Case File. I bet some corrupt individuals got really, really rich off that project, too...

  • Who wants to bet? (Score:2, Interesting)

    by hanshotfirst (851936)
    I'll wager 10:1 the "hacker" breaching the system was the RIAA bot searching for P2P software and mp3's on the server.

    Originally I started thinking of this post as a joke, THEN I started thinking... what if the FBI really DID have a server with a collection of confiscated mp3's being held as "evidence" for "review" by agents at their convenience? And what if RIAA really did have such a hack-bot programmed and authorized to shutdown P2P systems?

    Food for thought.

  • Did anyone else notice that the RIAA spokesman's name is "Lamy"?
  • I heard that special agent Lazarus was currently trapped somewhere between matter and anti-matter doing battle with his counterpart from an alternate universe.

    Frankly, I think we've all been duped by this false news post.

  • An "E-mail system used to communicate with the public" sounds like an Internet facing SMTP gateway. I can't be sure, obviously, but that's the most likely type of a system that got "breached". The really juicy stuff, the e-mail servers that host the mailboxes, would be on the internal network, and much better protected against hacks.

    If an SMTP gateway was supposedly "breached", what could that entail? Somebody was able to relay through the server? Wooo, big deal! There are like a bazillion open relays out
  • by jav1231 (539129)
    One way you can tell it isn't within the FBI is that they aren't saying, "Yeah, George "DarkRathe" Smith hacked into our mail server." A buddy of mine did this years ago. I believe it was either a government web server or they had a list of modem numbers they were hacking. They got in. Played around for about an hour before the knock came at the door. The guys at the door were not amused.
  • "We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases," Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, said in an e-mail describing the problem.

    He went on to say, "This b0x p0wn3d by daHax0r2000"
  • With a name like that he should have his own TV show and action figure!

    They could even merchandise a breakfast cereal. Kids could help him by buying cereal to defeat the Evil Doctor Haxxor and his army of netbots
  • Obviously this is just some rabid Smallville fan trying to get a leg up on the competition for the Get Lex Sweepstakes [thewb.com] where you gain access to Lex Luthors email account. By hacking the account, he figured he'd be able to change the password and lock everyone out of the WB competition. Of course, he figured Lex might not have an email account at the FBI, but he figured it was as good as any a place to start... well... turns out Lex didn't. Lex does however have a lexluthor@verizon.com address. So the perp
  • Us & Them (Score:3, Interesting)

    by MSTCrow5429 (642744) on Friday February 04, 2005 @08:17PM (#11578570)
    'We use these accounts to communicate with you folks, view internet sites, and conduct other non-sensitive bureau business such as sending out press releases.'

    You folks? Gee, thanks a lot, we don't trust you much either.
