St. Louis Fed confirms cyberattack

St. Louis Fed confirms cyberattack
© Getty Images

The Federal Reserve Bank of St. Louis has confirmed a cyberattack that rerouted users from the the bank’s online research pages to spoofed sites the hackers had set up.

Although the St. Louis Fed’s website was not compromised, the redirected Web users may have been infected with malicious software or inadvertently given up their login credentials on the fake pages.

ADVERTISEMENT
“Users who were redirected to one of these phony websites may have been unknowingly exposed to vulnerabilities that the hackers may have put there, such as phishing, malware and access to user names and passwords,” the bank said in a statement.

Security researcher and journalist Brian Krebs first reported the hack.

The incident is just the latest in a string of digital attacks targeting the government’s networks. The White House, State Department and Pentagon have all acknowledged in recent months that hackers accessed unclassified systems, raising questions about the government’s cyber defenses.

The St. Louis Fed hack differentiates itself in that the cyber crooks were looking to hijack the bank’s domain name system, DNS, not gain access to the research center’s back end, which mostly included archival economic data.

Essentially, they were going after the high-profile users of the site, not the site itself, security experts said.

“Unless hackers were really into some serious economic research, the likely target of this attack was not the [bank’s] data, but rather the users of this data,” said Igor Baikalov, chief scientist at cyber threat data firm Securonix, in a statement.  

The tactic, known as DNS attacks or domain hijacking, is increasingly popular in the cyber crime community. Some security researchers have noted an uptick in the last six months especially.

“Domain hijacking and web address network re-directing is a huge problem, getting worse and nearly impossible to prevent from a target company perspective,” explained Brad Taylor, CEO of computer security firm Proficio, in a statement.

The St. Louis Fed is one of 12 regional Federal Reserve Banks. Together, they help determine the country’s monetary policy, such as interest rates and the government’s money supply.