In a breach senior FDIC officials believe was sponsored by China's military, source with knowledge of the matter said that the FBI is investigating how hackers infiltrated computers at the Federal Deposit Insurance Corporation for several years beginning in 2010, Reuters reported.
Also the target of a probe by a congressional committee is the security breach which included gaining access to the workstation for former FDIC Chairwoman Sheila Bair, hackers broke into dozens of computers.
In the United States, one of three federal agencies that regulate commercial banks was the FDIC. It has access to records on millions of individual American deposits and it oversees confidential plans for how big banks would handle bankruptcy.
Reuters report3d citing sources that view of internal communications between senior FDIC officials related to the hacking were allowed last month by the banking regulator to congressional staff. The sources reportedly said that in the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers. The exchanges however did not explain why the FDIC officials believe the Chinese military was behind the breach.
There was no comments from FDIC spokeswoman Barbara Hagenbaugh.
According to a 2013 internal probe conducted by the FDIC's inspector general, an internal watchdog, the FDIC persisted into the next year and possibly later, with staff working at least through 2012 to verify the hackers were expunged, after its staff discovered the hack in 2010.
Even after the hack suspected to be linked to Beijing, the intrusion is part of series of cybersecurity lapses at the FDIC in recent years that continued. At least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016 this year, the FDIC has reported to Congress.
According to a redacted copy obtained by Reuters under a Freedom of Information Act request, an annual report by the regulator said there were 159 incidents of unauthorized computer access during fiscal year 2015.
However these incidents included security lapses such as employees copying sensitive data to thumb drives and leaving the agency rather than major breaches by hackers.
According to an FDIC document provided to Reuters by the U.S. House of Representatives Committee on Science, Space and Technology, twenty of the incidents were confirmed data breaches. Under reporting guidelines for major incidents, that represents a higher number than was previously reported by the regulator.
"We are continuing to take steps to enhance our cybersecurity program," Hagenbaugh said.
The FDIC was failing to do "vulnerability scanning" in an important part of its network, a standard technique used to detect hackers, an audit by the FDIC's inspector general in November found. The FDIC was working to address the shortfall, the he audit stated.
Including the theft of background check records from the Office of Personnel Management Washington has accused Beijing of hacking government offices before.
Whether the issue would be taken up by President-elect Donald Trump, who has vowed to confront China on trade issues or whether the FBI probe of the FDIC hack would result in any action against China is not yet clear.
(Source:www.reuters.com)
Also the target of a probe by a congressional committee is the security breach which included gaining access to the workstation for former FDIC Chairwoman Sheila Bair, hackers broke into dozens of computers.
In the United States, one of three federal agencies that regulate commercial banks was the FDIC. It has access to records on millions of individual American deposits and it oversees confidential plans for how big banks would handle bankruptcy.
Reuters report3d citing sources that view of internal communications between senior FDIC officials related to the hacking were allowed last month by the banking regulator to congressional staff. The sources reportedly said that in the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers. The exchanges however did not explain why the FDIC officials believe the Chinese military was behind the breach.
There was no comments from FDIC spokeswoman Barbara Hagenbaugh.
According to a 2013 internal probe conducted by the FDIC's inspector general, an internal watchdog, the FDIC persisted into the next year and possibly later, with staff working at least through 2012 to verify the hackers were expunged, after its staff discovered the hack in 2010.
Even after the hack suspected to be linked to Beijing, the intrusion is part of series of cybersecurity lapses at the FDIC in recent years that continued. At least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016 this year, the FDIC has reported to Congress.
According to a redacted copy obtained by Reuters under a Freedom of Information Act request, an annual report by the regulator said there were 159 incidents of unauthorized computer access during fiscal year 2015.
However these incidents included security lapses such as employees copying sensitive data to thumb drives and leaving the agency rather than major breaches by hackers.
According to an FDIC document provided to Reuters by the U.S. House of Representatives Committee on Science, Space and Technology, twenty of the incidents were confirmed data breaches. Under reporting guidelines for major incidents, that represents a higher number than was previously reported by the regulator.
"We are continuing to take steps to enhance our cybersecurity program," Hagenbaugh said.
The FDIC was failing to do "vulnerability scanning" in an important part of its network, a standard technique used to detect hackers, an audit by the FDIC's inspector general in November found. The FDIC was working to address the shortfall, the he audit stated.
Including the theft of background check records from the Office of Personnel Management Washington has accused Beijing of hacking government offices before.
Whether the issue would be taken up by President-elect Donald Trump, who has vowed to confront China on trade issues or whether the FBI probe of the FDIC hack would result in any action against China is not yet clear.
(Source:www.reuters.com)