FBI Classifies Network Breach as "Major Incident" Amid Sophisticated Cyber Threat The FBI has designated a recent breach of its internal networks as a "major incident", a classification reserved for cyberattacks likely to cause significant harm to U.S. interests or expose sensitive data, according to a Bloomberg report on April 2. The breach, detected in February, involved abnormal activity on a network used for surveillance operations and law enforcement intelligence. Investigators found that the threat actor employed sophisticated techniques, including exploiting a commercial internet service provider (ISP) to bypass FBI security controls. The FBI and Justice Department are actively conducting remediation efforts, though details on the extent of the compromise remain undisclosed. This incident follows a pattern of high-profile government breaches. In December 2024, China-backed hackers infiltrated Treasury Department workstations by compromising a third-party cybersecurity vendor, stealing a cloud service encryption key to access unclassified documents. Similarly, in December 2020, Russian-linked hackers targeted multiple U.S. agencies including Treasury and Commerce via a supply chain attack on an IT services provider, prompting an emergency National Security Council meeting. Officials have described these campaigns as large-scale cyber espionage operations, underscoring the persistent threat posed by nation-state actors to U.S. government infrastructure.

Iran-Linked Hacker Group Claims FBI Drone Breach, Threatens World Cup Security An Iran-affiliated hacker group, Handala, has claimed responsibility for breaching FBI-operated drones, alleging access to surveillance footage, facial recognition data, and license plate scans used for counterterrorism. The group, monitored by the SITE Intelligence Group, stated it had infiltrated the drones "for months," capturing "every image and every suspect" from first-person view (FPV) drones deployed by the FBI. In a statement released Friday, Handala issued a veiled threat against the 2026 FIFA World Cup, which began Thursday, warning that "FPVs are everywhere" and could pose risks to teams and events. The FBI is using drones to secure World Cup venues, with flights banned over stadiums and fan zones to prevent unauthorized aircraft. The U.S. Justice Department had previously warned of potential cyber retaliation from Iranian actors following U.S.-Israeli strikes on Tehran in February, which escalated regional tensions. Handala has a history of cyber operations, including a March claim of hacking the email account of an FBI official and leaking personal photos. While Handala provided alleged evidence of the drone breach, SITE disputed the authenticity of the footage, identifying one video as promotional material from a U.S. police department’s 2024 tornado response demonstration. The U.S. State Department has offered a $10 million reward for information leading to the identification of the group’s members.

Email-Based Cyberattacks Dominate 2024 Claims, Outpacing Ransomware in Frequency A new report from San Francisco-based Coalition Insurance reveals that business email compromise (BEC) and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024—far surpassing ransomware as the most common threat. While ransomware remained the most costly attack type, email-related incidents drove the majority of policyholder losses, with 29% of BEC attacks leading to fraudulent transfers. The 2025 Cyber Claims Report, released this month, highlights a 23% increase in BEC severity year-over-year, with average losses rising to $35,000 per incident. Legal fees, incident response costs, and recovery efforts contributed to the spike. Meanwhile, FTF claims saw a 46% drop in severity, averaging $185,000 per case—down from a record $340,000 in 2023—as financial institutions improved fraud detection, flagging large transactions for review. Despite the decline, FTF losses remain volatile, with one 2024 case involving a $9.3 million fraudulent transfer that was later recovered. Coalition successfully recovered $31 million in stolen funds for clients in 2024, averaging $278,000 per case. The report underscores the role of social engineering in these attacks, with threat actors using AI-enhanced phishing and deepfake audio/video to impersonate executives or trusted entities. The FBI reported that BEC scams in 2023 affected all 50 U.S. states and 186 countries, with losses exceeding $55 million. While ransomware frequency declined by 3%, it remained the most damaging attack type, with average demands dropping 22% to $1.1 million—the first time in two years they fell below seven figures. Akira was the most prevalent ransomware variant, followed by Play, MedusaLocker, RansomHub, and Fog. The cyber insurance market continues to evolve amid rising threats, with global spending projected to grow from $20.88 billion in 2023 to $120.47 billion by 2032. Insurers and cybersecurity firms are introducing AI-driven tools to streamline policy analysis and risk assessment, aiming to improve access and clarity for businesses.