China’s spies hacked into computers at the Federal Deposit Insurance Corporation from 2010 until 2013 — and American government officials tried to cover it up, according to a Congressional report.
The House of Representative’s Science, Space and Technology Committee released its investigative report on Wednesday.
It presents the FDIC’s bank regulators as technologically inept — and deceitful.
According to congressional investigators, the Chinese government hacked into 12 computers and 10 backroom servers at the FDIC, including the incredibly sensitive personal computers of the agency’s top officials: the FDIC chairman, his chief of staff, and the general counsel.
When congressional investigators tried to review the FDIC’s cybersecurity policy, the agency hid the hack, according to the report.
Investigators cited several insiders who knew about how the agency responded. For example, one of the FDIC’s top lawyers told employees not to discuss the hacks via email — so the emails wouldn’t become official government records.
Given the FDIC’s role as a national banking regulator, the revelation of this hack poses serious concern.
The FDIC’s role is to monitor any bank that isn’t reviewed by the Federal Reserve system. It has access to extremely sensitive, internal information at 4,500 banks and savings institutions.
The FDIC also insures deposits at banks nationwide, giving it access to huge loads of information on Americans.
Congressional investigators discovered the hacks after finding a 2013 memo from the FDIC’s own inspector general to the agency’s chairman, which detailed the hack and criticized the agency for “violating its own policies and for failing to alert appropriate authorities.”
The report also says this culture of secrecy led the FDIC’s chief information officer, Russ Pittman, to mislead auditors. One whistleblower, whose identity is not revealed in the report, claimed that Pittman “instructed employees not to discuss… this foreign government penetration of the FDIC’s network” to avoid ruining Gruenberg’s confirmation by the U.S. Senate in March 2012.
David Kennedy, a computer security expert and former analyst at the NSA spy agency, worries that federal agencies are repeatedly hiding hacks “under the blanket of national security.”
Full article: China hacked the FDIC – and US officials covered it up, report says (CNN Money)