The FBI is investigating how hackers infiltrated computers at the Federal Deposit Insurance Corporation for several years beginning in 2010 in a breach senior FDIC officials believe was sponsored by China's military, people with knowledge of the matter said.
The security breach, in which hackers gained access to dozens of computers including the workstation for former FDIC Chairwoman Sheila Bair, has also been the target of a probe by a congressional committee.
The FDIC is one of three federal agencies that regulate commercial banks in the United States. It oversees confidential plans for how big banks would handle bankruptcy and has access to records on millions of individual American deposits.
Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers, they said. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach.
Source: Reuters
(Score: 4, Interesting) by nyder on Monday December 26 2016, @08:50AM
Maybe if the NSA spent more time trying to make sure the United States of America networks/servers were secure, mainly on the government level. But I guess instead of helping the various companies fix their bugs, it's better to hoard 0-Day so you can use them against whomever (including people/servers in the USA) instead of making sure your systems (USA Governments) computers are secure.
Just because you are sitting on some 0-Day exploits does NOT mean other countries don't know about the same fucking exploits. You want our security to change? Hold the NSA responsible.
(Score: 2, Informative) by khallow on Monday December 26 2016, @10:33AM
Although the NSA’s effort puzzled crypto experts, documents leaked by Edward Snowden in 2013 proved that the NSA did indeed build a backdoor into Dual_EC_DRBG and paid RSA, a computer security company, to include the compromised algorithm in its software.
(Score: 2) by takyon on Monday December 26 2016, @12:40PM
Attack is a lot easier than defense, and it always will be. So the "China and Russia is hacking our shit!" headlines will persist, and the real question is when will the U.S. grow a pair and hack Chinese targets routinely, to steal IP or whatever. The answer might be "never", because your Stuxnet-level operation could reveal the vulnerabilities you used to gain access, making them useless for future operations. Still, China must have unpatched and vulnerable systems all over the place, and if we aren't hacking into them, it's a matter of foreign policy and/or great paralyzing unease at the Pentagon over the "rules of engagement" for "cyberwarfare".
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Monday December 26 2016, @04:24PM
Attack is a lot easier than defense, and it always will be.
That may be true but the NSA has a big enough budget to do both.
(Score: 2) by Thexalon on Monday December 26 2016, @10:13PM
How do you know they haven't done that already, and either the Chinese didn't catch them or didn't announce it because they don't give a damn about public opinion?
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by takyon on Tuesday December 27 2016, @04:31AM
The military can't decide what constitutes an act of war in the "cyber realm":
http://thehill.com/policy/cybersecurity/254206-dod-official-calls-for-cyber-rules-of-engagement [thehill.com]
http://www.npr.org/sections/parallels/2016/04/20/475005923/rules-for-cyber-warfare-still-unclear-even-as-u-s-engages-in-it [npr.org]
http://www.cnn.com/2016/11/07/politics/nato-cyber-centre-international-law/ [cnn.com]
http://thehill.com/policy/cybersecurity/254341-us-china-negotiating-cyber-warfare-agreement [thehill.com]
Nothing I've seen suggests that we are operating offensively on the scale of Russia and China, particularly the IP theft and political stuff, and there has been a debate and unease within the military over the limits and rules of engagement.
If the events of 2015 (remember the OPM hack?) and 2016 don't cause a change in how we approach this, some people are going to need to die first.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Tuesday December 27 2016, @04:46PM
yes, and government agencies shouldn't be allowed to spend public funds on slaveware like windows. They deserve to be hacked if they do.