FBI probes FDIC hack linked to China’s military
The security breach, in which hackers gained access to dozens of computers including the workstation for former FDIC Chairwoman Sheila Bair, has also been the target of a probe by a congressional committee.
The FDIC is one of three federal agencies that regulate commercial banks in the United States. It oversees confidential plans for how big banks would handle bankruptcy and has access to records on millions of individual American deposits.
Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers, they said. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach.
Reuters was not able to review those records, and could not determine how long the FBI probe has been open, though it was described as still active. A third person with knowledge of the matter confirmed the FBI had opened a probe.
FDIC spokeswoman Barbara Hagenbaugh declined to comment on the previously unreported FBI investigation, or the hack’s suspected sponsorship by the Chinese military, but said the regulator took “immediate steps” to root out the hackers when it became aware of the security breach.
After FDIC staff discovered the hack in 2010, it persisted into the next year and possibly later, with staff working at least through 2012 to verify the hackers were expunged, according to a 2013 internal probe conducted by the FDIC’s inspector general, an internal watchdog.
The intrusion is part of series of cybersecurity lapses at the FDIC in recent years that continued even after the hack suspected to be linked to Beijing. This year, the FDIC has reported to Congress at least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016.
An annual report by the regulator said there were 159 incidents of unauthorized computer access during fiscal year 2015, according to a redacted copy obtained by Reuters under a Freedom of Information Act request.
Rather than major breaches by hackers, however, these incidents included security lapses such as employees copying sensitive data to thumb drives and leaving the agency.
Twenty of the incidents were confirmed data breaches, according to an FDIC document provided to Reuters by the U.S. House of Representatives Committee on Science, Space and Technology. That represents a higher number than was previously reported by the regulator under reporting guidelines for major incidents.
Throughout the lapses, the FDIC has said it is stiffening information security standards, including a ban on thumb drives and more coordination with the Department of Homeland Security to prevent hacks.
“We are continuing to take steps to enhance our cybersecurity program,” Hagenbaugh said.
An audit by the FDIC’s inspector general in November found the FDIC was failing to do “vulnerability scanning” in an important part of its network, a standard technique used to detect hackers. The audit stated the FDIC was working to address the shortfall.
The FBI declined to comment on its investigation. When asked about China’s possible role in the 2010 hack, Chinese Foreign Ministry spokeswoman Hua Chunying said: “If you have no definitive proof, then it is very hard for you to judge where the attacks really come from.”
Washington has accused Beijing of hacking government offices before, including the theft of background check records from the Office of Personnel Management.
It was not clear whether the FBI probe of the FDIC hack would result in any action against China or whether the issue would be taken up by President-elect Donald Trump, who has vowed to confront China on trade issues.
The Obama administration has struggled to develop a clear strategy for responding to cyber attacks, due to the difficulty of identifying hackers and fears of escalation.
That challenge was thrown into relief by hacks during the U.S. presidential election which the CIA and FBI concluded were carried out by Russia to help Trump win. Russia denied the accusation.
The White House had no comment on the FDIC hack. Trump’s transition team did not respond to a request for comment.
Last year, U.S. President Barack Obama and Chinese President Xi Jinping reached an agreement to avoid economic cyber espionage on one another. –Reuters