Posted on February 27, 2023 at 8:37 AM
Hackers target US Marshals system stealing sensitive information
The US Marshals Service was targeted by a major security breach that happened in February 2023. The breach happened after threat actors gained access to a computer system and stole sensitive data. The computer system had personal information about agency employees and investigative targets.
Hackers target US Marshals system
The Marshals Service is under the US Justice department, and it is one of the most crucial agencies in the US. The service is tasked with protecting judges. They are also involved in other duties such as transporting federal prisoners and managing the federal witness program.
The reports on this breach have said that the breach did not affect the federal witness program. However, the threat actors managed to obtain access to information about several fugitives being sought by US federal authorities.
Officials at the US Justice Department have said that the hackers behind this breach used ransomware. The breach happened on February 17, and it was labeled a “major incident” by the Marshals services spokesman, Drew J. Wade.
The breach comes when the US government is aggressively taking measures to protect federal agencies from the growing threat of cybersecurity attacks that threaten domestic security and critical infrastructure. This attack joins similar breaches that have undermined the efforts made by the US government to protect sensitive information from hackers.
In recent years, there has been a significant increase in the frequency, scale, and sophisticated nature of ransomware attacks. In ransomware attacks, hackers steal sensitive information to extort individuals or institutions. These hackers threaten to publish the stolen information if they are not paid a certain amount of money.
The system that was affected in the recent breach of the Marshals service contained a wide range of sensitive information that might have given the hackers the upper hand in demanding for payment. Officials from the Marshals Service said that they disconnected the affected computer system after detecting the breach.
According to Wade, the compromised computer system contained details such as “law enforcement sensitive information, including returns from legal process, administrative information and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”
The Marshals Service is currently investigating the origin of this hacking attack. The department is also working to assess the damage caused by the hackers. Officials from the agency are also rushing to limit the impact caused by the theft of sensitive personal and investigative information.
Breach comes amid rise in hacking attacks
This breach targeting the US Marshals service comes when hacking attacks have been on the rise. In recent years, several government agencies have been targeted by threat actor groups that have managed to infiltrate their systems.
The methods used by hackers have evolved significantly in recent years, making it more challenging for government agencies to keep up. These hackers have acquired tools and the expertise needed to steal sensitive data that can disrupt critical infrastructure while extorting payments from victims. Those targeted by these hackers include individuals and large corporations.
One of the main hacking attacks that happened in the United States happened during the last year of the Trump administration. The breach led to compromised networks of over 250 federal agencies and businesses. Some agencies affected by the breach include the Treasury, Commerce, State, and Energy Departments.
In 2015, there was also a slew of hacking attacks on government computers. The hacks were believed to originate from China, and they led to the theft of personal information belonging to around 21.5 million people. The stolen information includes addresses, financial history, and other private data. The hackers also accessed the personnel data and the fingerprints belonging to federal employees.
There have also been smaller data breaches targeting groups linked to the federal government. In 2018, Chinese state-sponsored hackers stole sensitive data from a Navy contractor. In 2019, another breach compromised tens of thousands of images of license plates and travellers. The breached information was stored by the Customs and Border Protection.
Nevertheless, the Biden administration is remaining vigilant to combat these ransomware attacks and ensure that critical infrastructure and domestic security is not compromised. The current administration has placed fighting ransomware as a national security priority.
The US government has managed to recover ransoms and thwart any attempts at extortion. The Biden administration has also been dismantling criminal groups linked to ransomware attacks to ensure that private individuals and corporations are guaranteed cybersecurity.