The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners.
The intrusion, first reported by Nextgov, was carried out by an unknown threat actor in recent weeks and is believed to have occurred sometime between late May and early June, according to two people familiar with the matter who spoke on the condition of anonymity.
DHS is currently investigating the attack and has reportedly not attributed it to any specific threat actor or foreign governments. Whether any documents were stolen from the system also remains unclear.
According to Nextgov's sources, the threat actors targeted HSIN servers as well as a SharePoint system used for collaboration efforts. The department's Office of Intelligence and Analysis has since conducted a damage assessment of the breach.
The Homeland Security Information Network is a DHS platform for sharing sensitive but unclassified information among government, international, and private-sector partners.
Approved users can use the network to access data, exchange requests with partner agencies, manage operations, coordinate safety and security for planned events, respond to incidents, and share critical information needed to protect their communities.
The platform supports real-time communication, alerts, and incident management, and is also used to exchange information about persons of interest and potential threats.
As the United States is currently overseeing security for World Cup games hosted across the country, Nextgov raised concerns that the breach could have exposed security planning, interagency coordination, or response procedures.
In a statement, a DHS spokesperson confirmed the incident to BleepingComputer while emphasizing that classified systems were not affected.
"The Department of Homeland Security is aware of a recent cyber incident involving a specific, unclassified legacy information sharing environment," DHS told BleepingComputer.
... continue reading