Crackas With Attitude (CWA), the hacker group that recently claimed they breached CIA Director Mark Brennan’s personal AOL email account in October, as well as FBI Deputy Director, Mark Giuliano’s personal AOL email account are now claiming that they have breached the FBI’s Law Enforcement Enterprise Portal (LEEP). The agency describes the portal as being “a secure Internet-based information sharing system available to agencies around the world that are involved in law enforcement, first response, criminal justice, anti-terrorism, intelligence and related matters.”
On November 5th CWA leaked the names of 2,400 federal, local, and state law enforcement agents on text-sharing websites PasteBin and Cryptobin. However, the leaked data has not been verified, but includes federal FBI agents, a Troy, Michigan, detective, and agents working at the U.S. Department of Transportation Diplomatic Security Service. This was followed by CWA posting a tweet on November 8th showing a screenshot of the FBI’s Virtual Command Center/Special Interest Group Address Book that includes a database of 9,046 members’ names, titles, employers and location. This database has been used by the FBI to coordinate over 5,500 cases in the past decade such as active shooter incidents, child abductions, terrorist attacks and threats.
The initial data dump on November 5th, marks an important day (Guy Fawkes Day), which which is now synonymous with global hacking group “Anonymous”. CWA claimed in a recent interview with Wired magazine that they are not part of Anonymous, but are good friends. Another tweet from CWA on November 8th threatened to release additional classified information if US funding for Israel is not stopped.
The significance of the breach of LEEP is that it apparently permitted the hackers to gain access to nearly 20 other law enforcement information sharing portals and investigation tools due to an unknown security vulnerability. Other portals breached include the Internet Crime Complaint Center (IC3), Homeland Security Information Network, and Joint Automated Booking System (JABS). CWA’s breach of JABS is particularly worrisome for federal law enforcement officials and the public since it could lead to criminals listed in the database getting tipped off so they can avoid being apprehended.
CWA’s cyberattack on U.S. federal law enforcement information sharing and investigative tools is tied to the hacker group’s strong political affiliations. It will be interesting to see how the U.S. government and FBI respond to CWA’s attempt at political cyber blackmail. However, it is very unlikely that the U.S. government will agree to meet their stringent demands.
About IPR Secure
At IPR Secure IT security is paramount and our 99.99% reliable Tier 3 data centers ensure that our client’s critical business information is protected at all times. Learn more about our highly secure, IT security cloud solutions, such as IPR Secure Cloud, IPR Regulatory-Enforced Cloud or IPR Dedicated Private Cloud or call us today at 877.282.4873.
DataBreachToday.com. Hackers Claim FBI Information-Sharing Portal Breached.
Wired.com. CIA Email Hackers Return With Major Law Enforcement Breach.