RE: (S//NF) SUCCESSFUL ATTACK AGAINST PUBLIC FOIA WEBSITE

Approved for Release: 2017/03/08 C06228934 From: Sent: To: Subject: Signed By: Monda Classification: Lishcael.- June 23, 2014 7:21 AM Successful Attack Against Public FOIA Website Thanks for the good news update Jennifer! From: Sent: Monday, June d 2014 7:04 AM To: Cc: Subject: RE:ajal.4149-Slteressful Attack Against Public FOIA Website Classification: Hi Sipeencre The FOIA ERR website is back up. As we are without programming help this week due to our developer's vacation, an after action report will not be available until next week at the earliest. Thanks CIO/IMS/RMTG Deputy Branch Chief Project Manager, CADRE, STAIRS From: Sent: Friday, June 20, 2014 11:43 AM To: Douglas E. Wolfe Cc: Joseph W. Lambert; Ebitz; (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(1) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) (b)(3) Todd D. (b)(d) Approved for Release: 2017/03/08 C06228934 Approved for Release: 2017/03/08 C06228934 Subject4eW/115-Successful Attack Against Public FOIA Website Importance: High Classification: �Ural' ffiliktieDoug. The CIA's public FOIA website has been successfully hacked, and the damage to the database is unknown. I received the note below from the deputy branch chief who brought this to my attention. soC,Shaientarting June 6,2014, the FOIA Electronic Reading Room team was notified of several denial of service attacks on the public-facing reading room website. These incidents did not result in the website being unavailable, and each one was reported to both and IMS management. As a result of the attacks, a decision was made to apply several security patches to the website to ensure that we would not be vulnerable to future attacks. Unfortunately, a new attack was launched, lhis occurred on June 19 attack. Currently, the FOIA ERR website is believe at that time that the site was hit with a completely unavailable. (b)(1) (b)(3) (b)(3) (b)(3) 1.Lal4e-ro far, we have attempted to restore the server to two different snapshots from June, with complete restarts of the server each time. Neither attempt was successful. Our next steps are to move farther back in time to May to see if we can restore to that point in time. We have been elevated to support with our (b)(3) server hosting company. At this time, we do not have an ETA on when the site will be restored. 4.104+17 OPA and ave been notified regarding this outage. (b)(3) Background: CIO/IMS/RTMG runs the FOIA Electronic Reading Room on behalf of (b)(3) CIO/IMS/IRRG. The website is managed separately from the CIA.gov website, which is managed by OPA. The FOR ERR websitet_ (1.111,anleine are continuing to work the problem. becomes available. If you have questions, you can reach her at will provide updates as more information Chief Information Review and Release Group (secure) IRRG: Mission Critical Information Review 2 (b)(3) (b)(3) Approved for Release: 2017/03/08 C06228934