Fed still gauging extent of hacker breach, FBI on case

Fri Feb 8, 2013 6:51am IST

Related Topics

Stocks

   

REUTERS - The U.S. Federal Reserve said on Thursday it was still working to determine the extent its computer systems had been breached by hackers, adding that the incident was the subject of a criminal probe by the Federal Bureau of Investigation.

"We are in the process of a comprehensive assessment to determine what information might have been obtained in this incident," said Federal Reserve spokesman Jim Strader. "We remain confident that this incident did not affect critical operations of the Federal Reserve."

The online intrusion, which has embarrassed the U.S. central bank and raised questions about the effectiveness of its security, was publicized on Sunday by activist group Anonymous.

The integrity of the Fed's systems is vital to ensure confidence in its ability to securely transmit highly confidential information, including communications about U.S. monetary policy and the banks that it supervises.

The Fed statement on Thursday was its first explicit acknowledgment that it did not yet know the extent of the security breach. Cyber-security specialists say it takes time to thoroughly investigate a stealthy intrusion by skilled hackers.

Anonymous claimed that it had published personal information from more than 4,000 U.S. bank executives gleaned from a password-protected Fed website.

The website, called the Emergency Communication System (ECS), exists to provide bank contact information in the event of a natural or other disaster. It is managed by the St. Louis Federal Reserve Bank.

A message sent by the Fed to ECS users and obtained by Reuters on Tuesday warned that personal information, including mobile and business telephone numbers, email and business addresses, had been obtained by the online intruders.

Strader said it was possible that more information might still be released by the hackers, but declined to spell out if data from a site other than the ECS had been obtained.

"This incident is the subject of an active criminal investigation with the FBI and we cannot comment further," he said.

The Fed also declined to comment on when the attack took place, how long it took for the breach to be discovered and what type of system or vulnerability was exploited.

A review by Reuters of the code on the ECS site home page shows it runs on ColdFusion, a program used to build websites that software maker Adobe Systems Inc (ADBE.O) patched in mid-January to repair several critical security flaws.

The company said hackers could take advantage of those bugs to break into computer systems, access restricted files and take control of affected servers.

(Reporting by Alister Bull in Washington, Jim Finkle in Boston and Rick Rothacker in Charlotte, N.C.; Editing by Phil Berlowitz, Tim Ahmann and Andre Grenon) ((Reporting by Alister Bull in Washington, Jim Finkle in Boston and Rick Rothacker in Charlotte, N.C.; Editing by Phil Berlowitz, Tim Ahmann and Andre Grenon) (

椀慮据慩景楦散

FILED UNDER:

REUTERS SHOWCASE

SpiceJet Bail-Out

SpiceJet Bail-Out

Co-founder of SpiceJet seeks time to finalise rescue  Full Article 

Regulating Airfares

Regulating Airfares

India considers temporary cap on airfares - government official  Full Article 

Ten Years On

Ten Years On

British tsunami brothers use funky footwear to help children.  Full Article 

Fund Raising

Fund Raising

Xiaomi raising over $1 bln from investors including GIC - source.  Full Article 

Porn Crackdown

Porn Crackdown

China arrests thousands in porn, gambling crackdown - Xinhua.  Full Article 

India v Australia

India v Australia

Boxing Day test of India's resolve in Melbourne.  Full Article | Related Story 

Jaycee Charged

Jaycee Charged

China charges Jackie Chan's son over drug offence.  Full Article 

China on Cyberattacks

China on Cyberattacks

China condemns cyberattacks, but does not mention North Korea.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device   Full Coverage