Federal Reserve Detects More Than 50 Cyberattacks

Federal Reserve

Hackers tried to access the computer systems of the United States Federal Reserve repeatedly—more than 50 cyberattacks were detected by the central bank from 2011 to 2015, according to Reuters based on the cybersecurity report obtained through a Freedom of Information Act request.

The cybersecurity report showed that some of the cybersecurity breaches were classified as “espionage.”  Keeping the central bank’s computer system secure is critical because it contains confidential information that could affect the global financial industry.

Eight information breaches were detected between 2011 and 2013 when the central bank’s trading desk was buying huge amounts of bonds. The staff of the Federal Reserve reported that hackers used malicious code in those incidents.

The central bank’s staff considered four hacking incidents as “espionage in 2012. The report showed that information was disclosed in at least two of those incidents.

Hacking is a major threat to the financial system

The central bank’s staff suspected that many of the incidents of cybersecurity breaches were conducted by hackers or spies.  The cybersecurity report was heavily redacted to maintain the secrecy of the security procedures of the central bank. It did not show whether the hackers or spies were able to steal money or access confidential information.

According to Reuters, the redacted cybersecurity report was analyzed by James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. Lewis stated that “hacking is a major threat to the stability of the financial system. This data shows why.”

The cybersecurity reports only included incidents involving the Board of Governors, a federal agency subject to public records laws. The central bank has 12 privately owned regional branches with local cybersecurity teams.

Hackers have been targeting financial institutions worldwide including the largest banks in the United States such as JP Morgan Chase & Co. (NYSE:JPM), Wells Fargo & Company (NYSE:WFC) and Bank of America (NYSE:BAC).

They also tried to breach the computer systems of smaller banks in other countries including the Banco del Austro in Ecuador and Tien Phong Bank in Vietnam. It was recently reported that hackers stole $81 million from the account of Bangladesh Bank at the New York Fed.

Last year, hackers involved in the cyberattacks on the systems of the Office of the Personnel Management (OPM) of the United States stole the social security numbers and personal data of  21.5 million Americans.

Federal Reserve NIRT identified 51 cases of information disclosure

The Federal Reserve’s National Incident Response Team (NIRT) composed of cybersecurity experts identified 51 cases of “information disclosure” involving the Federal Reserve’s Board.

Two former Fed cybersecurity staffs told Reuters that the cases of information disclosure could happen in various ways from hacking attacks of Fed emails sent to wrong recipients. They added that cyberattacks on the Fed is almost common as those happening at other large financial institutions.

The NIRT handles “higher impact cases” and sometimes they works round the clock to patch software and prevent hackers from gaining access to the computer systems of the Fed.