The FBI has been in the news lately, particularly for its fight with Apple over backdoor access to unlock a suspected terrorist's iPhone. Because of that, the government agency hasn't gained much favor in the public eye. And now, it looks like it has another problem on its hands.
In a recently published bulletin, the FBI admitted to being hacked by a group called Advanced Persistent Threat 6. The bulletin explained that hacks had occurred as early as 2011, which means sensitive data could have been stolen for years before it was noticed.
Details regarding the actual attack and which government systems were infected are scant. Government officials said they knew the initial attack had occurred, but were unaware of who specifically was behind it. “Given the nature of malware payload involved and the duration of this compromise being unnoticed – the scope of lateral movement inside the compromised network is very high possibly exposing all the critical systems,”
The FBI said the “group of malicious cyber actors” used dedicated top-level domains in conjunction with the command and control servers to deliver “customized malicious software” to government computer systems. The bulletin includes a list of the domains.
In its bulletin, the FBI wrote: “The FBI has obtained and validated information regarding a group of malicious cyber actors who have compromised and stolen sensitive information from various government and commercial networks.”
The FBI opted out of sharing attack specifics and issued a statement calling the alert a routine advisory instead. They did, however, share that the group has been operating since at least 2008 and has targeted both Chinese and U.S. relations experts by using spear phishing and malicious PDF and ZIP attachments.
Experts believe these attacks are widespread and not limited to the U.S. federal government system.