Congress Probes Cyber Incidents at Federal Reserve

Congress has launched an investigation into the security posture of computer systems at the U.S. Federal Reserve, following series of reports that the banking unit detected more than 50 cyber breaches between 2011 and 2015. 

In a letter (PDF) addressed to U.S. Federal Reserve Chair Janet on Friday, a House of Representatives committee requested documents and information related to the incidents. 

“These reports raise serious concerns about the Federal Reserve’s cybersecurity posture, including its ability to prevent threats from compromising highly sensitive financial information housed on the agency’s systems,” House Science Committee Chairman Lamar Smith (R-Texas) wrote.

Smith requested that the National Incident Response Team (NIRT) provide all related documents “in unredacted form” by June 17, 2016.

“In the late 1800s, the Treasury Department mandated the first architectural specifications for a bank vault. The FFIEC has attempted to do the same with her information security guidelines since 2001, yet these architectures are failing against the modern cybercriminal threat,” Tom Kellermann, CEO of Strategic Cyber Ventures and former member of World Bank’s security team, told SecurityWeek.

“In 2015-2016, there has been an evolution of cyberespionage and the adaptation of market manipulation via cybercriminals,” Kellermann added.  “More events of front-running and insider trading are occurring due to gaps in the security of financial institutions.  These gaps are exploited because the cyber vault has not evolved with the threat landscape. The security architecture of the U.S. financial system must evolve in order to combat these modern-day Dillinger gangs.”