Thursday, July 14, 2016

China Likely Hacked US Banking Regulator FDIC, Probe Finds


The Chinese government likely hacked computers at the Federal Deposit Insurance Corporation in 2010, 2011 and 2013 and employees at the US banking regulator covered up the intrusions, according to a congressional report on Wednesday.
The report cited an internal FDIC investigation as identifying Beijing as the likely perpetrator of the attacks, which the probe said were covered up to protect the job of FDIC Chairman Martin Gruenberg, who was nominated for his post in 2011.
"The committee's interim report sheds light on the FDIC's lax cyber-security efforts," said Lamar Smith, a Republican representative from Texas who chairs the House of Representatives Committee on Science, Space and Technology. "The FDIC's intent to evade congressional oversight is a serious offense."
The report was released amid growing concern about the vulnerability of the international banking system to hackers and the latest example of how deeply Washington believes Beijing has penetrated US government computers.
China's embassy in Washington did not comment on the allegations and the report did not provide specific evidence Beijing was behind the hack. Shane Shook, a cyber-security expert who has helped investigate some of the breaches uncovered to date, said he did not see convincing evidence in the report that the Chinese government was behind the FDIC hack.
"As with all government agencies, there are management issues stemming from leadership ignorance of technology oversight," Shook said.
The FDIC, a major US banking regulator which keeps confidential data on America's biggest banks, declined to comment. Gruenberg is scheduled to testify on Thursday before the committee on the regulator's cyber-security practices.
Washington has accused China of hacking computers at a range of federal agencies in recent years, including the theft of more than 21 million background check records from the federal Office of Personnel Management beginning in 2014.
Watching memo
The compromise of the FDIC computers by a foreign government had been previously reported in May and some lawmakers had mentioned China as a possible suspect, but the report on Wednesday for the first time cited a 2013 memo by the FDIC's inspector general, an internal watchdog, as pointing toward China.
"Even the former Chairwoman's computer had been hacked by a foreign government, likely the Chinese," the congressional report said, referring to Gruenberg's predecessor, Sheila Bair, who headed the FDIC from 2006 until 2011 when Gruenberg took over as acting chairman.
Bair could not be immediately reached for comment.
A redacted copy of the 2013 FDIC inspector general's memo seen by Reuters said investigators were unable to determine exactly which files had been extracted from agency computers.
But a source familiar with the FDIC's internal investigation said the areas of the regulator's network that were hacked suggested the intruders were seeking "economic intelligence."
In all, hackers compromised 12 FDIC workstations, including those of other executives such as the regulator's former chief of staff and former general counsel, and 10 servers, the congressional report said.

No comments:

Post a Comment