RE: (S//NF) SUCCESSFUL ATTACK AGAINST PUBLIC FOIA WEBSITE

Approved for Release: 2017/03/08 C06228929 From: Sent: To: Cc: Subject: Signed By: Michele L Meeks Monday, June 23, 2014 4:05 PM RE: �5,40/fr Successful Attack Against Public FOIA Website Classification:�WEIne Thank you -M N1 (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) From: (b)(3) Sent: Friday, June 20, 2014 11:59 AM To Michele L. Meeks (101(31 Cc (b)(3) Subject: FW: (5,414F) Successful Attack Against Public FOIA Website Importance: High Classification: ea,ECitstre Fli Michele & In case and have not passed this along, we wanted to forward Until the website is restored, there will be no requests coming through the eFOIA request form. In chatting with OPA earlier this afternoon, they've reported a few phone calls from members of the public who were upset that they could not submit FOIA requests. OPA is reminding all callers that they can do snail mail or fax as well for requests. Thanks, CIO/IMS/RMTG Deputy Branch Chief Project Manager, CADRE, STAIRS (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) Approved for Release: 2017/03/08 C06228929 Approved for Release: 2017/03/08 C06228929 From: Sent: Friday, June 20, 2014 11:43 AM To: Douglas E. Wolfe; Cc: Joseph W. Lambert; EbiU; Subject: 46/14e7Successful Attack Against Public FOIA Website Importance: High Classification: _ES.7.roFt-Er .(S.14141frboug, damage to the database is unknown. who brought this to my attention. Todd D. The CIA's public FOIA website has been successfully hacked, and the I received the note below from the deputy branch chief 44,401177Starting June 6,2014, the FOIA Electronic Reading Room team was notified of several denial of service attacks on the public-facing reading room website. These incidents did not result in the website being ffi unavailable, and each one was reported to bon-4nd IMS management. As a result of the attacks, a decision was made to apply several security patches to the website to ensure that we would not be vulnerable to future attacks. Unfortunately, a new attack was launched This occurred on June 19 ttack. Currently, the FOIA ERR website is believe at that time that the site was hit with a completely unavailable. ith'ittrrr So far, we have attempted to restore the server to two different snapshots from June, with complete restarts of the server each time. Neither attempt was successful. Our next steps are to move farther back in time to May to see if we can restore to that point in time. We have been elevated to support with our server hosting company. At this time, we do not have an ETA on when the site will be restored. aift0PA an have been notified regarding this outage. (...S,44trjBackground: CIO/IMS/R"FMG runs the FOIA Electronic Reading Room on behalf of CIO/IMS/IRRG. The website is managed separately from the CIA.gov website, which is managed by OPA. The FOR ERR (b)(3) (b)(1) (b)(3) We (b)(1) (b)(3) � updates as more information becomes available. If you have questions, you can reach her at (UHAIU0) We are continuing to work the problem. IC n ormation Review and Release Group (secure) 2 (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) Approved for Release: 2017/03/08 C06228929 Approved for Release: 2017/03/08 C06228929 IRRG: Mission Critical Information Review Classification: -seelinnt Classification: girroLaRe Classification: 3 Approved for Release: 2017/03/08 C06228929