Slashdot Mirror


FBI Probes FDIC Hack Linked To China's Military: Reuters (reuters.com)

An anonymous reader quotes a report from Reuters: The FBI is investigating how hackers infiltrated computers at the Federal Deposit Insurance Corporation for several years beginning in 2010 in a breach senior FDIC officials believe was sponsored by China's military, people with knowledge of the matter said. The security breach, in which hackers gained access to dozens of computers including the workstation for former FDIC Chairwoman Sheila Bair, has also been the target of a probe by a congressional committee. The FDIC is one of three federal agencies that regulate commercial banks in the United States. It oversees confidential plans for how big banks would handle bankruptcy and has access to records on millions of individual American deposits. Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers, they said. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach. After FDIC staff discovered the hack in 2010, it persisted into the next year and possibly later, with staff working at least through 2012 to verify the hackers were expunged, according to a 2013 internal probe conducted by the FDIC's inspector general, an internal watchdog. The intrusion is part of a series of cybersecurity lapses at the FDIC in recent years that continued even after the hack suspected to be linked to Beijing. This year, the FDIC has reported to Congress at least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016.

22 comments

  1. Are there going to be cries of "fake news" now? by Dutchmaan · · Score: 2

    Let's see how readily people accept THIS hacking story.... Will it receive the same level of scrutiny and dismissal as Russia's hacking?

    1. Re:Are there going to be cries of "fake news" now? by Anonymous Coward · · Score: 0

      Yes, but different set of shills.

    2. Re:Are there going to be cries of "fake news" now? by Anonymous Coward · · Score: 0

      "Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers, they said. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach."

      Seems odd, doesn't it, not allowing Congressional staffers to keep copies of internal FDIC communications for a Congressional probe of the FDIC security breaches? Also strange the internal communication exchanges don't mention that the FDIC came to the conclusion it was Chinese military-sponsored hackers because a private security firm which specialized in probing Chinese hacking, Mandiant (now FireEye), told them it was the Chinese military. IOW a firm which specializes in detecting Chinese state hacking found evidence of Chinese state hacking. Also, isn't it odd that the FBI is just now investigating the breaches? Why wait so long to report it to them?

      Fake enough, for you?

    3. Re:Are there going to be cries of "fake news" now? by Anonymous Coward · · Score: 0

      The article was posted at 4:20. Slashdot is clearly telegraphing that this article is not to be believed. Obviously the FDIC was hacked by Russia, at the RNC's urging. Get with it, brah.

    4. Re:Are there going to be cries of "fake news" now? by Dutchmaan · · Score: 2

      While I absolutely applaud the effort to make stories more accurate and accountable. I'm somewhat dismayed that even the slightest bit of questioning of a news story automatically makes it "fake". To claim a story as "fake" is as irresponsible as blindly accepting conclusions... Always QUESTION a story, but don't let your questions be framed in order to support a pre-drawn conclusion. That's yellow journalism. Question the story, and fill the holes or find out why the holes are there. People need lessons in journalism.

    5. Re:Are there going to be cries of "fake news" now? by Anonymous Coward · · Score: 0

      Eh? The people crying "fake news" are the same people claiming that Russia is hacking them, not the ones dismissing it.

    6. Re:Are there going to be cries of "fake news" now? by Anonymous Coward · · Score: 0

      Let's see if Obama threatens China, or are they not white enough for him to attack?

    7. Re:Are there going to be cries of "fake news" now? by hey! · · Score: 1

      No. Just because I don't want a trade war with China doesn't mean I want them hacking our institutions. China is not our friend. Nor is Russia.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  2. Proof? by Anonymous Coward · · Score: 1

    All these "hacks" are always third-hand accounts from "anonymous sources"

    Have you noticed all the "proof" is always "classified"? Why should a rational, thinking person believe any of this? Present hard evidence or STFU.

    "If only you knew what I knew...", etc.

    All of this is predicated on the trust of government officials, which I have NONE of.

    1. Re:Proof? by anegg · · Score: 1

      I suspect that most of the "government officials" haven't the faintest clue what is going on. However, it's a lot "better" to be hacked by a well-funded nation state than by Jane Script-Kiddie.

  3. One of many agencies by rickb928 · · Score: 3

    ..that should be airgapping critical systems. Passing correspondence through multiple filters. Moving data into these airgapped systems without any reverse channel, as in copy to a USB stick, put to airgapped host, extracted and scanned, USB stick destroyed and not reused.

    I'm glad I don't do this security work any more. It's nearly impossible. I just work at one of the financial institutions the FDIC would monitor, and I can't even mail my own W-2 to myself. They test me annoyingly often with phishing tests, block media, my VP gets hate mail when I violate some rule, I cannot even chat PII internally any more, have to send it via encrypted internal email. All to merely hope we do not end up on the front page of the fishwrap, finally violated.

    I don't even talk to my friends in security, networking, or compliance anymore. We have nothing safe to talk about.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
    1. Re:One of many agencies by Anonymous Coward · · Score: 0

      Sounds like you aren't in the loop (and don't know the A in CIA triad either), as such you do not have need-to-know, thus why your VP gets emails about your policy breaking behavior.

    2. Re:One of many agencies by CaptainDork · · Score: 2

      Manning walked in with a Lady Gaga CD; wiped it and burned documents to it, so air gap is no substitute for common sense like disabling CD and USB hardware entry points.

      With today's BYOD, security is much harder to deal with.

      I'm with you: I'm retired out of systems administration and don't miss the paranoia of intrusion fears.

      Shortly after I left, the Firm was hit with ransomware.

      Not my problem.

      --
      It little behooves the best of us to comment on the rest of us.
    3. Re:One of many agencies by AHuxley · · Score: 1

      But if the system is air gapped it won't need so much support over the years. If the system just keeps on working as designed think of the contractors who have lost overtime repairing and upgrading networks and systems.
      Think of the hours of support lost when a US system gets air gapped. That's years of good paying high tech contractor jobs lost to one hardware fix.

      --
      Domestic spying is now "Benign Information Gathering"
  4. very hard to "expunge"... by Anonymous Coward · · Score: 0

    staff working at least through 2012 to verify the hackers were expunged

    That's actually rather difficult to do, once a network has been penetrated (as almost every major network of any importance or interest has been, by somebody: NSA, Russians, Chinese, Israelis, Germans, script kiddies, sometimes all the above...)

    Once an attacker is in, he can plant back doors and hide them from view. So you re-image a machine, and put it back on the network... but it's immediately re-infected by another machine that hasn't been cleansed. Maybe you can do all at once then: remove every machine from your network, re-image all before putting any back online... but then you better hope the attacker didn't infect some piece of firmware or other persistent thing that your re-imaging didn't overwrite. And then you better hope you fixed whatever vulnerability, whether human or machine, that allowed the attacker access in the first place. And you better hope you haven't another like it, which you almost certainly do. And you better hope nothing in your backup data you restored on top of a pristine OS image contained a latent backdoor planted long ago to get through such cleansing.

    I wouldn't be too confident that an organization as large as the FDIC would have the ability to do this successfully when the attacker was sophisticated beyond the "script-kiddie" category.

    1. Re:very hard to "expunge"... by rickb928 · · Score: 1

      And there will be layers of back doors, scheduled to phone home every few days, weeks, months. Decoys set to call other state actors, your own agencies, many individuals, all to obfuscate the true destinations. Drive you crazy for years killing them off just to find you've been playing whack-a-mole while they are playing chess. You end up, sooner than later if you have your effort fully funded from day ONE, capturing and examining every single packet, to build a map of destinations and players.

      And you suspend new hire provisioning, MAC activity, reimage every machine, force password resets after, deny external access until machines are tested, and forbid you've got staff at some conference or exposition, or overseas.

      I just learned last month that if I were to travel overseas for work my machine would have to be scanned before I left to remove sensitive data, and on return it would be taken and a new one issued. I have a list of data I cannot save on it, with instruction to cooperate with authorities and even surrender it if requested.

      Trust no 1

      --
      deleting the extra space after periods so i can stay relevant, yeah.
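
The long-interval call-backs described in the comment above are what timing analysis of captured traffic is meant to surface. As an added illustration (not part of the original thread), this sketch groups constructed flow records by host and destination and flags pairs contacted at long, regular intervals; the hostnames, thresholds and function names are assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

DAY = 86400

# Constructed sample flow records: (epoch_seconds, internal_host, external_destination).
# Hostnames use the reserved .example TLD; none of them come from the article.
def build_sample_flows():
    flows = []
    # ws-17 contacts one destination roughly every 7 days, with hours of jitter.
    jitter = [0, 3600, -5400, 7200, -1800, 2700, -3600, 900]
    flows += [(i * 7 * DAY + j, "ws-17", "cdn-sync.example") for i, j in enumerate(jitter)]
    # ws-17 also visits a news site at irregular, human-driven times (in days).
    for t in [0.2, 0.3, 1.1, 4.5, 4.6, 9.0, 20.4, 33.7, 33.8, 47.2]:
        flows.append((int(t * DAY), "ws-17", "news.example"))
    # ws-22 reaches an update server only twice: too little history to judge.
    flows += [(3 * DAY, "ws-22", "updates.example"), (40 * DAY, "ws-22", "updates.example")]
    return flows

def find_periodic_pairs(flows, min_events=5, min_period=DAY, max_cv=0.1):
    """Return (src, dst, mean_period_days, cv) for pairs whose contact gaps are
    long (mean >= min_period) and regular (coefficient of variation <= max_cv)."""
    times = defaultdict(list)
    for ts, src, dst in flows:
        times[(src, dst)].append(ts)
    hits = []
    for (src, dst), stamps in times.items():
        if len(stamps) < min_events:
            continue  # not enough observations to call anything periodic
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg < min_period:
            continue  # short-interval chatter is out of scope for this check
        cv = pstdev(gaps) / avg  # spread of the gaps relative to their mean
        if cv <= max_cv:
            hits.append((src, dst, round(avg / DAY, 2), round(cv, 3)))
    return sorted(hits, key=lambda h: h[3])

if __name__ == "__main__":
    for src, dst, period, cv in find_periodic_pairs(build_sample_flows()):
        print(f"{src} -> {dst}: every ~{period} days (cv={cv})")
```

A check like this only works if flow logs are retained for several multiples of the longest interval of interest, and a pair flagged by it is a lead for investigation, not a verdict.
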
  5. open to everyone by Anonymous Coward · · Score: 0

    Seems like the USA has networks open to anyone who dares to look closely.
    Keep off-shore network admin for security purposes,
    that would be a good excuse for political cry out ...

  6. Eye roll... by Frosty+Piss · · Score: 1

    So the FBI is just now discovering this? And we should have a lot of faith that they will "get to the bottom" of this?

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Eye roll... by Anonymous Coward · · Score: 0

      How would the FBI know to investigate unless the FDIC reported the breach to them which they apparently didn't until recently?

  7. The more important question by Anonymous Coward · · Score: 1

    I think the question we need to ask is not how the Chinese hacked the FDIC, but why. Remember, China is the second largest holder of US debt. Maybe they are afraid of another 2008 banking crash, and they want to find out if the FDIC can protect the banking system.

  8. Somebody is off-script by Anonymous Coward · · Score: 1

    Everything is RUSSIA's fault these days. Putin did it! Putin's hiding in the closet! Putin's under the bed! The current American president (Obama), who 4 years ago ridiculed Mitt Romney in a presidential debate when Romney warned about Russia ("the 1980s called and they want their foreign policy back"), has his people blaming Russia for almost everything including the alleged hacking of the Democrat party (actually an apparently basic phishing) while hoping nobody notices that the Democrats failed to do what was needed to defend their PRIVATE organization (NOT our government) from hacking/phishing.

    "we have always been at war with eastasia"

    Putin's a nasty guy, but the idea that he is behind everything is both idiotic and the current theme of the Clinton/Obama team.... and while Russia was part of the Soviet Union, it is NOT the Soviet Union.

  9. Look on the bright side! by Anonymous Coward · · Score: 0

    Look on the bright side!
    Given the restrictions you mentioned, you must be getting paid at least a 6 figure salary and assuming you haven't tied it all up in stocks, in a couple years (hopefully you have the sense BEFORE you burn out...) you can retire, and jump ship to either an easier but lower paying gig, or use all that money you stashed away to retire and move somewhere where that amount of money will allow you to live equivalent to a 1 percenter rather than a middle class american :)