A Russian hacker broke into the FBI (Federal Bureau of Investigation), stealing sensitive InfraGard database data and selling it on the dark web.
According to the available information, a Russian hacker named “USDoD” broke into the FBI’s information-sharing programme, called “InfraGard,” last month. After stealing an internal database with information about more than 10,000 InfraGard members, the hacker put the information up for sale on a dark web marketplace. Anyone can buy all of the information for 50,000 dollars. The hacker told Krebs that the high price set for the data was a negotiating tactic: “I don’t think someone will pay that price, but I have to (price it) a bit higher to (negotiate) the price that I want,” they said.
InfraGard is a partnership between people from the private sector and the Federal Bureau of Investigation (FBI) who work together to protect U.S. critical infrastructure. It is an information-sharing network designed to allow high-level professionals both in and out of the government to collaborate on issues of cybersecurity and defense. InfraGard’s membership includes security pros from government agencies and major corporations. InfraGard connects owners and operators within critical infrastructure to the FBI to provide education, information sharing, networking, and workshops on emerging technologies and threats.
In the field of cybersecurity, information sharing is the most popular way for institutions to help protect themselves from these kinds of cyberattacks. Even though that is what InfraGard is supposed to do, the FBI seems to have missed the threat of a hacker looking through its own network.
The hacker known as “USDoD” says they broke into InfraGard’s secure environment and stole information from co-op executives. The hacker used an executive’s social security number, birthday, and other details to apply for InfraGard membership. (It is still unclear where the hacker got the executive’s information, but such data can also be purchased on the dark web.) After the hacker got the login information, the FBI seems to have accepted the application within a few weeks without much scrutiny. Once granted access to the organisation’s internal environment, USDoD says they used a simple Python script aimed at one of the website’s Application Programming Interfaces (APIs) to call up and steal personal information on the other participating members. Within a few days of stealing the database, they put its contents up for sale on a dark web marketplace.
It is still unclear, however, whether the data stolen by “USDoD” is valuable, as many of the accounts in the database are missing critical pieces of personal information, such as birthdays, social security numbers, and emails.