FBI says it’s contained an ‘isolated’ IT security breach • The Register

The FBI claims it has dealt with a cybersecurity “incident” that reportedly involved computer systems being used to investigate child sexual exploitation.

“The FBI is aware of the incident and is working to gain additional information,” a spokesperson said in a statement to The Register. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

The spokesperson declined to answer questions about the IT security breach, including how intruders gained access to the network and what information they accessed.

CNN first reported the intrusion or infiltration on Friday morning, and said it involved something untoward happening with computers in the FBI’s New York field office.

Austin Berglas, a former FBI agent in the Crimes Against Children unit in New York, told The Register the infected or infiltrated devices are likely contained to a forensic analysis network. In other words, it’s doubtful that the network intruders accessed any classified information: they may have only got as far as the systems for studying and sorting files.

These child exploitation investigations usually involve digital evidence: cell phones, computers, external storage and the like. After the FBI seizes suspects’ devices, they are scanned for malware or other malicious files prior to processing data with specialized forensic software which is used to extract information hidden on the devices, Berglas explained.

“Most likely, an infected device (not intentionally by the owner) was seized/collected and then infected the FBI forensic computer after evading malware scans,” Berglas, who is now at security shop BlueVoyant, told The Register. “These devices would never be processed on classified networks.”

New malware appears daily, so sometimes scans fail to identify…