A presidential directive signed by President Obama Tuesday will put the FBI in charge of responding to all cyber threats and give the federal government a more active role in investigating, preventing and mitigating attempts to hack into U.S.-based computer networks.
Obama’s homeland security adviser, Lisa Monaco, said the change was necessary because it’s not always clear whether those responsible for a hacking incident are other countries, terrorists or criminals.
“This directive establishes a clear framework to coordinate the government’s response to such incidents,” Monaco told a cybersecurity conference at Fordham University in New York Tuesday. “It spells out which federal agencies are responsible. And it will help answer a question heard too often from corporations and citizens alike — ‘In the wake of an attack, who do I call for help?'”
While in the works for months, the directive comes just days after the transparency organization Wikileaks revealed 20,000 e-mails stolen from the Democratic National Committee. Security experts suspect Russia was behind that attack, which roiled the Democratic National Convention by showing that the national party actively conspired to hurt Vermont Sen. Bernie Sanders’ presidential campaign. That, in turn, led to the resignation of DNC chairwoman Debbie Wasserman Schultz on the eve of the convention to nominate former Secretary of State Hillary Clinton for president.
The head of a U.S. banking regulator on Thursday said he was unaware of any efforts by his staff to cover up hacking of the agency’s computers by a foreign government in 2010 and 2011, as outlined by a congressional report.
Federal Deposit Insurance Corporation Chairman Martin Gruenberg told a hearing of the committee that published the report that he first learned of the security breach in 2011 when he was the FDIC’s acting chairman.
Lawmakers questioned Gruenberg about his knowledge of what the report described as a cover-up by a senior FDIC executive who ordered staff not to disclose the hacks for fear of endangering Gruenberg’s confirmation to the chairman’s post by the U.S. Senate.
“I can’t speak to the accuracy” of those allegations, Gruenberg said. He said repeatedly he did not know of staff efforts to conceal the intrusions.
The House of Representatives Committee on Science, Space and Technology report issued on Wednesday said the Chinese government appeared likely to have been behind the hacks. It cited an investigation by an internal watchdog of the FDIC, which is a major banking regulator that keeps confidential data on U.S. banks.
Gruenberg said he made personnel changes after receiving a report in 2013 informing him that he was not fully briefed about the hacks.
The Republican-led committee has been critical in recent months of the FDIC’s handling of cyber security incidents under Gruenberg, who was nominated by President Barack Obama and confirmed by the Senate in 2012.
“There is a culture of concealment at the FDIC,” said Lamar Smith, a Republican from Texas who heads the committee.
Asked what damage a foreign government could do with stolen FDIC information, the regulator’s inspector general pointed to details on bank contingency plans for bankruptcy, known as living wills, which could be used against U.S. financial institutions.
“That information could be extremely valued by an adversary,” FDIC Inspector General Fred Gibson told the hearing.
Gruenberg said the FDIC was updating cyber security policies after a subsequent 2015 data breach in which a former employee kept copies of living will information after leaving the regulator. Neither the FDIC nor lawmakers have said the hack by the foreign government was connected to the data breach involving the former employee.
Gruenberg said policy changes were being taken to address such “insider threats” with a governance structure to be finalized by Oct. 28.
An early morning passerby phoned in a report of two people with flashlights prowling inside the fence of an electrical substation in Bakersfield, Calif. Utility workers from Pacific Gas & Electric Co. later found cut transformer wires.
The following night, someone slashed wires to alarms and critical equipment at the substation, which serves 16,700 customers. A guard surprised one intruder, who fled. Police never learned the identities or motive of the burglars.
The Bakersfield attacks last year were among dozens of break-ins examined by The Wall Street Journal that show how, despite federal orders to secure the power grid, tens of thousands of substations are still vulnerable to saboteurs.
The U.S. electric system is in danger of widespread blackouts lasting days, weeks or longer through the destruction of sensitive, hard-to-replace equipment. Yet records are so spotty that no government agency can offer an accurate tally of substation attacks, whether for vandalism, theft or more nefarious purposes.
Most substations are unmanned and often protected chiefly by chain-link fences. Many have no electronic security, leaving attacks unnoticed until after the damage is done. Even if there are security cameras, they often prove worthless. In some cases, alarms are simply ignored.
Source: How America Could Go Dark – WSJ
Swift, operator of the world’s largest money-transfer system, said it has hired a pair of information-security firms to help it scrutinize customers’ use of its systems and detect attempted hacks, following a series of breaches at user sites in recent months.
The Brussels company, whose full name is the Society for Worldwide Interbank Financial Telecommunication, has been battered by a series of cyberthefts that have hit banks in Ecuador, Vietnam, Bangladesh and Ukraine in the past 18 months.
Swift has repeatedly said the core of its network remains uncompromised and it is the responsibility of its users to maintain the integrity of their systems. But it has also faced concerns about its inability to ensure the security of its user interface and the authenticity of its message traffic.
The perpetrators, who haven’t been identified, stole the banks’ Swift credentials and fraudulently sent payment instructions over the Swift network.