The United States Federal Bureau of Investigation said hackers targeted a sensitive investigative system used to manage surveillance warrants and wiretaps. The incident involved a network that supports lawful electronic surveillance in criminal and national security investigations.
The FBI said it identified suspicious activity on its network and took steps to address the incident. In a statement, the agency said it used its technical capabilities to investigate and respond to the intrusion but did not disclose when the activity occurred or how the attackers gained access. Officials also did not attribute the attack to a specific threat actor.
The system targeted in the incident is known as the Digital Collection System Network, a platform used by investigators to manage court-approved wiretaps and foreign intelligence surveillance warrants. The network is used to collect communications data during investigations involving criminal activity, counterterrorism, and national security threats.
The Digital Collection System Network supports several surveillance tools used by the bureau. One component, known as DCS-3000 or “Red Hook,” is designed to capture signaling information such as phone numbers dialed from a telephone. This information is collected through pen register and trap and trace surveillance orders, which record outgoing and incoming call data but not the content of communications.
Another component, called DCS-6000 or “Digital Storm,” allows investigators to capture the full content of phone calls and text messages when a court-authorized wiretap order has been issued. A third system, DCS-5000, is used for national security surveillance related to foreign intelligence investigations.
Security specialists said a compromise of systems that manage surveillance operations could raise concerns about operational integrity. Gabrielle Hempel, a security operations strategist at Exabeam, said such systems sit at the intersection of intelligence collection, legal authorization, and investigative operations. If a system managing lawful intercept processes were compromised, questions could arise about whether investigations or evidence collection procedures were affected.
Experts also noted that the integrity of evidence collected through electronic surveillance could become an issue if the underlying system were manipulated or accessed by unauthorized parties. Any disruption to the chain of custody or legal authorization records could affect how evidence is handled in federal criminal cases.
The incident occurs as the United States government networks continue to face cyber intrusions from sophisticated threat actors. Analysts have pointed to increased pressure on federal cybersecurity capabilities, including leadership changes and staffing reductions across agencies responsible for defending government systems.
Authorities have not said whether sensitive surveillance data was accessed during the intrusion or whether any investigative operations were affected. The FBI said the matter remains under investigation and did not provide additional details about the scope of the incident.