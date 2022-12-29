The Federal Motor Carrier Safety Administration has confirmed that an outside group has been trying to access its public portal using stolen user passwords.

A pro-Russian hacking group named Killnet recently claimed on social media that it breached the portal.

FMCSA told Land Line that none of its internal systems had been compromised and that its security teams are monitoring the situation.

The agency posted a message about the hack attempt on its portal website earlier this month. FMCSA has advised all account holders to immediately change their passwords to protect their credentials.

In addition to its claims of hacking FMCSA’s portal, Killnet said it has infiltrated the FBI’s database, allegedly stealing the personal information of more than 10,000 U.S. federal agents.

In November, Killnet also claimed to take down Elon Musk’s Starlink satellite broadband service and White House websites.

Cybersecurity concerns

A 2021 investigation into FMCSA’s web servers found them to be vulnerable to a malware attack.

The U.S. Department of Transportation’s Inspector General outlined the problems with FMCSA’s information technology infrastructure in a recent audit report.

FMCSA uses 13 web-based applications to aid vehicle registration, inspections and other activities. Many of FMCSA’s information systems contain sensitive data, including personal identifiable information. The audit was conducted to determine if there were any security weaknesses.

“We found vulnerabilities in several agency web servers that allowed us to gain unauthorized access to FMCSA’s network,” the U.S. DOT report said. “FMCSA did not detect our access or placement of malware on the network in part because it did not use required automated detection tools and malicious code protections.”

According to the report, investigators gained access to 13.6 million unencrypted records of personal identifiable information. The DOT’s Office of Inspector General said it could have cost FMCSA up to $570 million in credit monitoring fees if malicious hackers had obtained the information.

“These weaknesses put FMCSA’s network and data at risk for unauthorized access and compromise,” the report said.

The DOT Inspector General issued 13 recommendations to guard against such an attack. According to the report, all 13 recommendations had been completed.

The FMCSA’s National Registry of Certified Medical Examiners website experienced a lengthy outage in 2017 and 2018 after a security breach. LL