Feb 6, 2013
As was reported on Monday, among the numerous files hacked and leaked in the past week by the Hacker group Anonymous was a database of some 4606 regional bankers together with copious amounts of confidential information, which according to Anonymous’ twitter account was sourced at the very Federal Reserve, which in turn would imply that the Fed itself had been hacked.
It would also imply that our rhetorical suggestion from nearly two years ago had actually been taken seriously by Anonymous. To wit, from March 2011: “perhaps in the aftermath of the IMF “very major breach” by anonymous hackers, it is really time to make sure all external access points toFedWire and FedLine are truly safe and sound. It will be very sad if it is uncovered that this source of externally accessible portal to hundreds of billions in emergency Fed funding has been somehow compromised. Just imagine the loss of confidence in the system… Why, a global distributed attack would really stretch the Fed’s 1,200-strong police force quite thin.” Moments ago the Fed confirmed that it had, indeed, been hacked by Anonymous.
The Federal Reserve said on Tuesday that one of its internal websites had been briefly breached by hackers, though no critical functions of the central bank were affected by the intrusion.
The admission, which raises questions about cyber security at the Fed, follows a claim that hackers linked to the activist group Anonymous had struck the Fed on Sunday, accessing personal information of more than 4,000 U.S. bank executives, which it published on the Web.
“The Federal Reserve system is aware that information was obtained by exploiting a temporary vulnerability in a website vendor product,” a Fed spokeswoman said.
“Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system,” the spokeswoman said, adding that all individuals effected by the breach had been contacted.
While it appears that neither FedWire nor FedLine had been hacked, an internal database containing highly confidential login, and various other, information for at least some Fed-related services had indeed been compromised.
The Fed declined to identify which website had been hacked. But information that it provided to bankers indicated that the site, which was not public, was a contact database for banks to use during a natural disaster.
The website’s purpose is to allow bank executives to update the Fed if their operations have been flooded or otherwise damaged in a storm or other disaster. That helps the Fed to assess the overall impact of the event on the banking system.
Which in turn means the two most critical, externally-accessible money clearing websites in all of the developed world, remain possible security threats.
As for the contents of the leaked database which was removed from its original resting place in yet another hacked DOJ server, they can still be found in one of the various mirrors created in the aftermath of Sunday night’s hack, such as this one.
This article was posted: Wednesday, February 6, 2013 at 7:21 am