Reuters - The Senate Homeland Security Committee's top Democrat sought information Thursday from global financial network SWIFT and the Federal Reserve Bank of New York on steps being taken to bolster cyber security in the wake of the theft of $81 million from the central bank of Bangladesh.Senator Tom Carper of Delaware requested that both answer questions and brief his staff by June 17 on how they were handling issues following the February heist, during which hackers wired money out of an account at the New York Fed held by Bank Bangladesh, as well as how they were safeguarding against other potential cyber threats."These cyber attacks raise important questions about the security of the SWIFT system and the ability of its members to prevent future attacks," Carper wrote in his letters.The inquiry comes as policymakers, regulators and financial institutions around the world increase scrutiny into the heist at Bank Bangladesh and a separate attempt to use fraudulent SWIFT messages to steal from a commercial bank in Vietnam.The Bank of England last month ordered British banks to provide documentation on SWIFT security measures.He requested similar information from the Federal Reserve, including steps it has taken to coordinate with SWIFT, Bangladesh Bank, the Department of Homeland Security and Department of Treasury since the heist.
There were several tweets posted via the S1ege and Scrub Twitter handles about the exploits of the hacking group.On 13 May, Bank of France was hit by a DDoS attack, as tweeted by S1ege; the next day Ghost Squad hackers and S1ege tweeted about bringing down Bank of Kathmandu, Bank of Nepal, Central Bank of Chile, Central Bank of Kuwait and the National Bank of Philippines.In a related tweet, S1ege claimed the National Bank of Philippines was targeted in retaliation to the arrests of the Comelec hackers, who have been accused of breaching Philippines' Commission on Elections website and leaking millions of voters' records online.These were originally tweeted from yet another account speculated to be affiliated with Anonymous hackers that goes by the handle "@Banned Offline".While the NY stock exchange was reportedly down for four hours, Scrub claimed that Union Bank of Cameroon was down for over 48 hours.There is no information about the extent of damage the cyberattacks may have caused the banks.
The Fed s computer systems play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets.For a graphic on the Fed security breaches, see: http://tmsnrt.rs/1TxSu8RThe records represent only a slice of all cyber attacks on the Fed because they include only cases involving the Washington-based Board of Governors, a federal agency that is subject to public records laws.In eight information breaches between 2011 and 2013 - a time when the Fed s trading desk was buying massive amounts of bonds - Fed staff wrote that the cases involved malicious code, referring to software used by hackers.Four hacking incidents in 2012 were considered acts of espionage, according to the records.Beginning in 2014, for instance, hackers stole more than 21 million background check records from the federal Office of Personnel Management, and U.S. officials attributed the breach to the Chinese government, an accusation denied by Beijing.Reporting by Jason Lange and Dustin Volz; Editing by David Chance and Brian Thevenot
The Fed classified four hacking incidents in 2012 as espionage, and there were information disclosures in two of those cases, according to the records released to Reuters.Between 2012 and this year, the Fed's Washington reported 81 malicious code incidents, 54 cases of unauthorized access, and 12 cases of inappropriate use of networks or computers, Reuters reported."The Federal Reserve is really a gold mine for economic espionage," O'Neil added.The Fed is a "prominent target," added Toni Gidwani, director of research operations at security vendor ThreatConnect.Attacks on the banking system are "aimed at the heart of how money flows across the globe," she added by email."Gaining access to the Fed's data and its strategies for ensuring the health of the U.S. dollar and the broader economy would be very valuable for a number of actors -- whether it's nation states seeking to understand their exposure to swings in interest rates or individuals looking to profit by advanced knowledge of the Fed's next moves," Gidwani said.
REUTERS/Kevin LamarqueBy Jason Lange and Dustin VolzWASHINGTON Reuters - The U.S. Federal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as "espionage," according to Fed records.The Fed's computer systems play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets.For a graphic on the Fed security breaches, see: http://tmsnrt.rs/1TxSu8RThe records represent only a slice of all cyber attacks on the Fed because they include only cases involving the Washington-based Board of Governors, a federal agency that is subject to public records laws.In eight information breaches between 2011 and 2013 - a time when the Fed's trading desk was buying massive amounts of bonds - Fed staff wrote that the cases involved "malicious code," referring to software used by hackers.Four hacking incidents in 2012 were considered acts of "espionage," according to the records.Beginning in 2014, for instance, hackers stole more than 21 million background check records from the federal Office of Personnel Management, and U.S. officials attributed the breach to the Chinese government, an accusation denied by Beijing.
The US Fed maintains that internal information has not been accessed by outside entitiesThe US Federal Reserve has repeatedly been targeted by hackers in the past few years.It is uncertain if the breaches resulted in hackers gaining access to classified data, as the records obtained were heavily redacted and refrained from divulging such details.However, our security programme and processes for detecting and countering attacks are robust and our critical operations have never been affected."As many as 134 attacks were designated "malicious code", while another 12 were labelled "fraud".An additional dozen were stamped "informational", while one stood out as being labelled "extortion".The Bangladesh Bank heist, which saw hackers making away with $81m has left the financial community in shock and highlighted the need for increased security measures.
View photosMoreThe Federal Reserve building in Washington September 1, 2015.The letter cited the Reuters report, which was based on heavily redacted internal Fed records obtained through a Freedom of Information Act request.The redacted records did not say who hacked the bank's systems or whether they accessed sensitive information or stole money.The committee said it has jurisdiction over the Fed's cyber security because the panel is tasked with oversight of the U.S. National Institute of Standards and Technology, an agency responsible for developing federal cyber security standards and guidelines, under a 2014 federal information technology law.The panel also requested a "detailed description of all confirmed cyber security incidents" from 2009 to the present, all documents and communications referring or relating to "higher impact cases" handled by the Fed's NIRT team, all documents and communications with the Fed's Office of Inspector General related to confirmed cyber incidents, and an organizational chart detailing the Fed's top cyber security personnel.The Fed had declined to comment on the records, which represent only a slice of all cyber attacks on the central bank because they include only cases involving the Washington-based Board of Governors, a federal agency that is subject to public records laws.
DHAKA/NEW YORK Reuters - Hours before the Federal Reserve Bank of New York approved four fraudulent requests to send $81 million from a Bangladesh Bank account to cyber thieves, the Fed branch blocked those same requests because they lacked information required to transfer money, according to two people with direct knowledge of the matter.Despite the technical compliance, the New York Fed rejected 30 of the requests a second time.They are saying they rejected 35 badly submitted ones, the source said.Fed employees queried Bangladesh Bank about the purpose of the payments requested on Feb. 4 and again on Feb. 5, according to a letter to congresswoman Carolyn Maloney D-NY by New York Fed General Counsel Thomas Baxter.The source close to Bangladesh Bank said questions about the anomalies in the approved requests were discussed at a meeting in Basel last month between New York Fed President William Dudley, Bangladesh Bank Governor Fazle Kabir and representatives from SWIFT.SWIFT, which has come under scrutiny after the Bangladesh Bank heist and cyber attacks in at least three other cases, plans a new program to improve security and also wants banks to drastically improve information sharing.
REUTERS/Ashikur RahmanDHAKA/NEW YORK Reuters - Hours before the Federal Reserve Bank of New York approved four fraudulent requests to send $81 million from a Bangladesh Bank account to cyber thieves, the Fed branch blocked those same requests because they lacked information required to transfer money, according to two people with direct knowledge of the matter.On the day of the theft in February, the New York Fed initially rejected 35 requests to transfer funds to various overseas accounts, a New York Fed official and a senior Bangladesh Bank official told Reuters.Despite the technical compliance, the New York Fed rejected 30 of the requests a second time."They are saying they rejected 35 badly submitted ones," the source said.Fed employees queried Bangladesh Bank about the purpose of the payments requested on Feb. 4 and again on Feb. 5, according to a letter to congresswoman Carolyn Maloney D-NY by New York Fed General Counsel Thomas Baxter.Additional reporting by Tom Bergin in London; Editing by Raju Gopalakrishnan and David Greising
Photo: Ashikur Rahman/ReutersCyber bank heists such as the one that hit a Bangladesh Central Bank account held by the New York Fed, should not come as a surprise and only serve to highlight that the internet is ill-equipped to deal with the cybercrime, an expert in internet security says.Last week, a U.S. congressional committee launched an investigation into the Federal Reserve Bank of New York's handling of the heist of more than US$80 million from accounts it maintains for the central bank of Bangladesh.The system, known formally as the Society for Worldwide Interbank Financial Telecommunication, has come under pressure from cyberattacks targeting banks and one expert says the internet was not built to be secure as it needed to be for global money transfers."So we've seen malware being introduced into systems that banks have been using and we've seen criminals also having help from the inside so it's not just technical, it's human as well."Can you stop all the attempts, can you pick out the one transaction that's flawed in hundreds of millions of transactions – in this case the US$81 million from the Bank of Bangladesh – you can see that that one was very carefully prepared and I've also seen reports that the gang tried out the malware on a Vietnamese bank just to make sure they knew exactly how to insert the malware and carry out their crime."SWIFT last month launched a new customer security program to "reinforce the security of global banking" but insisted that in recent fraudulent payment cases, its own "network, software and services had not been compromised" and that the security breaches had occurred within its customers "locally-managed infrastructure."
Fed s Janet Yellen likes fintech and blockchainBlockchain experts met with the Chair of the Federal Reserve, Janet Yellen during an event in Washington DC, to discuss ways the technology can improve the financial system and strengthen cybersecurity.The event, which was hosted by the Federal Reserve, World Bank and IMF, invited the Chamber of Digital Commerce, Chain, Bloq, Goldman Sachs and NASDAQ to share their thoughts on blockchain, Bitcoin and advancements in encrypted, shared ledger technologies.Central banks from over 90 countries participated at the event titled "Finance in Flux: The Technological Transformation of the Financial Sector", which was themed around blockchain and Fintech.She also said that it's undeniable that the global financial system has benefited from Fintech and encouraged central banks to do all they can to learn about financial innovations including Bitcoin, blockchain and distributed ledger technologies.Jeff Garzik, CEO of Bloq and Bitcoin Core Developer, outlined the innovative elements of blockchain technology, including trust shifting, decentralisation, cryptography, immutability and others."Some of the greatest potential benefits of blockchain technology are going to be first seen and actively leveraged in emerging nations," said Garzik.
WASHINGTON -- Americans' household wealth rose in the first three months of this year as home values increased, offsetting a drop in stock prices.Americans' stock and mutual fund portfolios shrank $160 billion, while home values jumped $498 billion.The rise in real estate values likely means the wealth increase was more widely shared than in many previous quarters, because home ownership is the primary source of middle-class wealth.The data underscores one key aspect of the seven-year old recovery from the Great Recession: Americans' finances are in much better shape than they were before the downturn.That left them badly exposed when the economy crashed and nearly nine million people lost jobs.That ratio has fallen steadily since and dropped again in the first quarter, to 105.6 percent, down from 107.4 percent a year earlier.
View photosMoreCommuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016.REUTERS/Ashikur Rahman/File Photo Reuters - The U.S. attorney's office in Manhattan has opened an investigation of the cyber heist of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York, a law enforcement source said.The FBI last month privately urged banks to look for signs of attempted cyber thefts.Last week, an FBI official speaking in Washington said the agency is investigating "a number of different tentacles" but does not yet know who committed the Bangladesh crime.A U.S. congressional committee has launched a probe into the New York Fed's handling of the heist.The New York Fed transferred $81 million held by Bangladesh Bank to accounts in the Philippines, where it went missing.
For weeks, the Fed had been expected to consider raising rates at its June meeting.Other analysts think the economic outlook will still be too cloudy for a July rate hike and are pointing to September as the most likely time for a Fed move.In addition to the May jobs report, other economic barometers have also sowed doubts -- from tepid consumer spending and business investment to a slowdown in worker productivity to stresses from China other major economies.Nervous investors sent markets sinking, and fears arose of a new recession.Conversely, the Fed also wants to take care not to lead investors to inflate the prices of stocks and other assets out of a mistaken belief that it will keep rates ultra-low well into the future.The need to discourage such excessive risk-taking is why even analysts who think the economy still faces challenges predict that the Fed will nevertheless raise rates at least once this year.
View photosMoreThe Federal Reserve headquarters in Washington September 16 2015.The Office of Inspector General OIG at the Fed's Board of Governors plans to release the audit in the fourth quarter, the OIG said in a report on current and upcoming projects.U.S. lawmakers have asked the Fed's New York branch for information about how cyber criminals stole $81 million from a New York Fed account held by the central bank of Bangladesh.Cyber thieves have targeted large financial institutions around the world, including America's largest bank JPMorgan Chase & Co .The chair of the U.S. Securities and Exchange Commission SEC said last month cybersecurity was the biggest risk facing the financial system.Past studies posted on the Fed's website focused on the central bank's overall cybersecurity practices or on the security of particular information technology systems at the Fed.
View photosMoreCommuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016.To match Exclusive CYBER-HEIST/BANGLADESH REUTERS/Ashikur Rahman/File PhotoDHAKA Reuters - Bangladesh central bank officials will hold a meeting with the New York Federal Reserve next month to try and speed up efforts to recover $81 million stolen by hackers from its account at the Fed, officials in Dhaka said.While the criminal investigation has made slow progress, Bangladesh Bank has focused on getting back the money, leaning on the New York Fed and the Philippines central bank for help.Both said the talks follow a meeting in Basel in Switzerland in May where the heads of the Bangladesh central bank, the New York Fed and representatives from SWIFT agreed to help Bangladesh Bank get back its money.Bangladesh police investigators have said that SWIFT technicians introduced security loopholes when connecting the messaging network to Bangladesh's first real-time gross settlement RTGS system late last year.SWIFT, a cooperative owned by 3,000 financial institutions, has rejected those allegations and said its messaging platform was not breached in the Bangladesh hack.
The Financial Stability Oversight Council—a group of senior officials including the heads of the Federal Reserve and the Securities and Exchange Commission—also said the financial system continues to face threats from cyberattacks and risk-taking fueled by historically low interest rates.The discussions about risks posed by marketplace lending and what is known as blockchain or distributed ledger systems—the technology that underpins digital currencies such as bitcoin and ether—are new to the council s annual report, the sixth since the body was formed by the 2010 Dodd-Frank regulatory-overhaul law.Both financial innovations currently play a relatively small role in financial markets, but appear poised for substantial near-term growth.Precisely because innovations are new and potentially disruptive, they merit special attention from financial regulators who must be vigilant, the regulators said.While that was just 6% of the total volume for such loans, the sector is expected to grow 75% this year, the financial research firm estimates.Market participants have limited experience working with distributed ledger systems, and it is possible that operational vulnerabilities associated with such systems may not become apparent until they are deployed at scale, the regulators said.
MoreThe corner stone of The New York Federal Reserve Bank is seen surrounded by financial institutions in New York's financial district March 25, 2015.REUTERS/Brendan McDermidWASHINGTON Reuters - The Federal Reserve Bank of New York might begin taking closer looks at international money transfers using the SWIFT network, Fed Chair Janet Yellen said on Wednesday in response to questions over a recent theft by cyber criminals."The New York Fed systems weren't compromised but they are looking at their processes, looking at what's best practices, looking at the possibility of enhanced monitoring for certain kinds of transactions," Yellen said in an appearance before lawmakers.Reporting by Jason Lange in Washington and Lindsay Dunsmuir in Ottawa; Editing by David Gregorio
Roger W. Ferguson Jr., the former vice chairman of the Federal Reserve and chief executive of financial-services giant TIAA, is Alphabet s 12th director.He will join the board s audit committee, where he will replace early Google investor L. John Doerr; Mr. Doerr will remain on the board.Mr. Ferguson is Alphabet s latest nod to Wall Street since hiring former Morgan Stanley executive Ruth Porat as its chief financial officer last year, a move seen as an effort to improve relations with investors.Shortly after Ms. Porat s arrival, she helped lead a restructuring that split the core business of Google from a series of side projects like a research lab and internet provider dubbed other bets.The new parent company, Alphabet, has since given investors more details on the company s finances.Alphabet s board previously was composed of its executives, early investors, former Silicon Valley executives, academics and former Ford Motor Co. Chief Executive Alan Mulally.
View photosMoreCommuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016.DHAKA Reuters - A meeting between Bangladesh central bank officials and the New York Federal Reserve scheduled for this week to speed up efforts to recover $81 million stolen from Bangladesh Bank's account at the Fed has been postponed, officials in Dhaka said.A four-member Bangladesh Bank team headed by deputy governor Mohammad Razee Hassan, who also heads its financial intelligence unit, was to meet Fed officials in New York on July 15."We are in talks with the Fed and hoping that the meeting will take place anytime at the end of this month or next month," said a senior Bangladesh Bank official, declining to be named.Another official in Dhaka confirmed the postponement.Both declined to give the reason for the delay.