Fed records show over 50 cybersecurity breaches: report

Fed records show over 50 cybersecurity breaches: report
© Greg Nash

Federal records show that the U.S. Federal Reserve detected more than 50 cybersecurity breaches between 2011 and 2015, including several incidents considered to be espionage, Reuters reports.


The Fed’s cybersecurity team logged 310 incident reports during the four-year span, 140 of which were classified as hacking attempts.

Out of those 310 incidents, the Fed identified 51 incidents of “information disclosure” — a broad classification that includes access by hackers or emails sent by Fed employees to the wrong recipient.

Four incidents of hacking in 2012 were described as espionage, according to records. Information was disclosed in at least two of those incidents.

Eight information breaches between 2011 and 2013 involving malicious code coincided with a massive federal buy-up of bonds.

The 140 reports represent only a portion of all cyberattacks on the Fed. They include only incidents affecting the Washington, D.C.-based Board of Governors — a federal agency subject to Freedom of Information Act requests — and exclude the Fed’s 12 privately owned regional banks.

It is unclear if the espionage incidents were the work of foreign governments, which are in the spotlight after the massive breach of the Office of Personnel Management. The hack has been widely attributed to China, although Beijing denies the charges.

Security experts say foreign governments like China and Russia stand to gain a significant edge in the $13.8 trillion federal debt market, in which the Fed plays a significant role in setting interest rates.

"Obviously that makes it a very clear target for other nation states," Ari Schwartz, a former top cybersecurity adviser at the White House, now with the security firm Venable, told Reuters.

The Obama administration in March indicted seven Iranians for a series of coordinated cyberattacks against the U.S. financial sector in 2013.

Security practices at central banks are under scrutiny internationally, after hackers stole $81 million from the Bangladesh central bank’s New York Fed account in February.

Bangladesh officials have hinted that some of the blame rests with the Fed.

"We view this as a major lapse on the part of FRB NY," Bangladesh Bank said in an internal report.

The theft is thought to be one of the largest cyber heists in history. It prompted the resignation of central bank governor Atiur Rahman, and the FBI is currently assisting with the investigation.