Hacker alleges that the FBI's critical infrastructure was compromised

BOSTON: InfraGard, an FBI outreach program that shares sensitive information on national security and cybersecurity threats with public officials and private-sector actors who manage US critical infrastructure, has more than 80,000 members, according to a hacker... There is a database of who allegedly pretends to be.

This hacker claims that he has gained access to this database. Late last week, a hacker advertised a price of $50,000 for the entire database on a website forum frequented by online criminals. The hacker has claimed to have posted samples from the database there.

The hacker told independent cybersecurity journalist Brian Krebs, who broke the story, that he had pretended to be the CEO of a financial institution to gain access to InfraGard's online portal. The screening process was said to be surprisingly lax.


The FBI chose not to respond. According to Krebs, the organization informed him that it was aware of a possible false account and was investigating it.

InfraGard's membership is a veritable who's who of critical infrastructure. It includes business executives, IT specialists, military personnel, state and local law enforcement, and government officials who are in charge of ensuring the security of everything from electrical grids and transportation to health care, pipelines, nuclear reactors, the defense industry, dams and water plants, and financial services.

It was established in 1996 and is the largest public-private collaboration of the FBI, with regional alliances affiliated with each field office. It often disseminates threat advisories from the FBI and the Department of Homeland Security and serves as a social media platform for select insiders behind closed doors.

Thousands of InfraGard users are represented in the database by their name, affiliation and contact details. The theft was first reported by Krebs on Tuesday.

On the BreachForums website, the hacker going by the username USDoD claimed that the records of only 47,000 members of the forum -- a little more than half -- contained unique emails.

Additionally, the hacker said that neither birthdates nor Social Security numbers were included in the data. The database had fields for that information, but InfraGard's security-conscious users had left them blank.


However, the hacker told Krebs that he had been sending messages to InfraGard members while assuming the role of CEO of a financial institution in an attempt to gather more personal information that could be used in criminal activities.

The AP sent a private message to the hacker on the BreachForums website. He declined to answer further inquiries or say whether he had found a buyer for the stolen records. Nevertheless, he acknowledged that Krebs' article was "100% accurate."

The FBI has not explained how the hacker managed to fool it into approving the InfraGard membership. In November, the hacker applied for membership in InfraGard using a contact email address and the CEO's real mobile number, according to Krebs.

According to Krebs, the hacker claimed that InfraGard had approved the application in the first few days of December and that they used emails to obtain one-time authentication codes.


The hacker claimed that once inside, a straightforward software script could be used to easily obtain database information.
