RE: (S//NF) SUCCESSFUL ATTACK AGAINST PUBLIC FOIA WEBSITE

Approved for Release: 2017/03/08 C06228930 From: Sent: To: Cc: Subject: Signed By: Monday June 73 714 3:53 PM oillas E. Wolfe; oseph W. Lambert; RE:15,46Pe71Successful Attack Against Public FOIA Website Classification: Lgaiter (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) Thanks From: (b)(3) Sent: Monday June 23 2014 12.45 PM To: (b)(3) Cc: Douglas E. Wolfe; Joseph W. Lambert; (b)(3) Subject: RE: (540tff7successtul Website Attack Against lublic FOIA Classification: ;seellf (b)(1) (b)(3) From (b)(3) The site was restored to a snapshot from May 8, 2014. No data has been added to the site since that date, so no further updates are needed. However, we did discover this morning that the eFOIA Reque and will not be restored until next week as our developer is on vacation this week. nality is not working, and I agreed to put a (b)(3) notice on the website in the meantime, and to disable the functionality of the form so requests cannot be made. We also notified OPA that the site is back up, but that requests cannot be made electronically. Thanks, (b)(3) Deputy Director C10/1M5 (b)(3) 1 Approved for Release: 2017/03/08 C06228930 Approved for Release: 2017/03/08 C06228930 From: Sent: Monday. e 23, 2014 12:35 PM To: Cc: Douglas E. Wolfe; Joseph W. Lambert; Subject: RE:LSM�ITT Successful Attack Against Public FOIA Website Classification: _artrwiter How far back did you need to go (i.e., how current is the information)? *What if anything will be done to update the data on the site? From: Sent: Monday, June 23 2014 10-54 AM To: Douglas E. Wolfe; Subject: FW:1,Shitt1 Successtul Attack Against Public FOIA Website Classification:esagQRTre Chiefs � fyi. From: Sent: Monday, June 23, 2014 9:49 AM To: Cc: Joseph W. Lambert Subject: FW: 4.SHI1ff7'5uccessful Attack Against Public FOIA Website 2 (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) Approved for Release: 2017/03/08 C06228930 Approved for Release: 2017/03/08 C06228930 Classification: Sioreklear (UllAwl�ble3r1'he site is back up. Please pass on to CIO and D/ClOs. Thanks. From: Serf- mnnri To: ii in 23, 2014 7:04 AM Cc: Subject: RE: ,iliffdr) Successful Attack Against Public FOIA Website Classification: Hi The FOIA ERR website is back up. As we are without programming help this week due to our developer's vacation, an after action report will not be available until next week at the earliest. Thanks, CIO/IMS/RMTG Deputy Branch Chief Project Manager, CADRE, STAIRS From: Sent: Friday, June 20 2014 11-43 AM To: Douglas E. Wolfe; Cc: Joseph W. Lambert' Ebitz; Todd D. Subject: 4640114Successful Attack Against Public FOIA Website Importance: High Classification:.alatEr (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) 3 Approved for Release: 2017/03/08 C06228930 Approved for Release: 2017/03/08 C06228930 al.!) Doug, The CIA's public FOIA webs'te has been successfully hacked, and the damage to the database is unknown. I received the note below from the deputy branch chief who brought this to my attention. (b)(3) (b)(3) (Sirn?Starting June 6,2014, the FOIA Electronic Reading Room team was notified of several denial of service attacks on the public-facing reading room website. These incidents did not result in the website being unavailable, and each one was reported to both and IMS management. As a result of the attacks, a (b)(3) decision was made to apply several security patches to the website to ensure that we would not be vulnerable to future attacks. Unfortunately, a new attack was launched, (b)(1) n June 19 We (b)(3) believe at that time that the site was hit with a attack. Currently, the FOIA ERR website is � completely unavailable. LsAittrrSo far, we have attempted to restore the server to two different snapshots from June, with complete restarts of the server each time. Neither attempt was successful. Our next steps are to move farther back in time to May to see if we can restore to that point in time. We have been elevated ton-1upport with our (b)(3) server hosting company. At this time, we do not have an ETA on when the site will be restored. rOPA an have been notified regarding this outage. ef,Sliitdbl.Background: CIO/IMS/RTMG runs the FOIA Electronic Reading Room on behalf of CIO/IMS/IRRG. The website is managed separate y from the CIA.gov website, which is managed by OPA. The FOIA ERR website/ (Ua,igia�etir We are continuing to work the problem. becomes available. If you have questions, you can reach her at Chief Information Review and Release Group (secure) IRRG: Mission Critical Information Review e updates as more information Classification: szerre Classification: SrEeltEr Classification: ....t.gclAgqi" 4 (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) Approved for Release: 2017/03/08 C06228930 Approved for Release: 2017/03/08 C06228930 Classification: Classification: sperrir Classification: SPerfr' Classification: ag.Q4er. 5 Approved for Release: 2017/03/08 C06228930