Web Analytics
  • Secure Channels

Experts Including CEO Blech Comment On Fed Hack

Comments from Security Experts on Federal Reserve Cyberattack Include Secure Channels CEO Blech

Experts from Securonix and Secure Channels commented tonight on Brian Krebs’ report that the St. Louis Federal Reserve today sent a message to the banks it serves alerting them that in late April 2015 attackers succeeded in hijacking the domain name servers for the institution. The attack redirected Web searches and queries for those seeking a variety of domains run by the government entity to a Web page set up by the attackers in an apparent bid by cybercrooks to hijack online communications of banks and other entities dealing with the regional Fed office.

Igor Baikalov, Chief Scientist, Securonix (www.securonix.com)

“Unless hackers were really into some serious economic research, the likely target of this attack was not the FRB data, but rather the users of this data. Attackers could have harvested credentials on the spoofed pages (hoping for password reuse on other, more sensitive websites), or implanted malware for later access to the user computer. There’s not much the affected users can do to protect themselves: as the statement noted, changing password is a good idea; scanning user computer with updated anti-virus signatures might also help to detect malware. St. Louis Fed has to closely monitor affected applications for any anomalies in access and user behavior to detect potential intruders and prevent them from using the Fed’s systems as a stepping stone for other attacks, similar to the State Department hack.”

Stewart Draper, Director of Insider Threat, Securonix (www.securonix.com)

“There has been a rise in DNS style attacks from hacktivist and cyber crime groups of the course of the last 6 months. I think this target was selected by an opportunistic group that saw a vulnerability they could exploit. They likely allowed the exploitable system to remain while they created fake websites for those institutes connected to them in hopes of conducting further reconnaissance on financial institutes. I think once you begin redirecting traffic, your cover is blown so malicious malware will be difficult to keep on a system that could have been infected. I would imagine routing tables, communicating DNS systems from other financial institutions, would be a good starting point in data collection for these criminals.”

Richard Blech, CEO, Secure Channels (www.securechannels.com):

“This is an example of potential thieves tricking the customers of the banks whose web traffic they redirected into entering their personal information into a similar looking site. This practice is known as phishing. If the actual banks’ websites had used an authentication system that is not able to be reproduced on the phishers’ site or only accepted encrypted data input from an actual customer, the customer’s account would be safe as the phisher would be not able to reproduce the format of the encrypted data it accepts. We cannot ignore this potential for disaster. Hackers are playing with the Federal Reserve the ramifications of such a breach could be enormous and have dramatic effects on the economy.”

Read the original article here.

For more articles featuring CEO Richard Blech, visit the Secure Channels website.

#Irvine #CyberSecurity #Federalreserve #RichardBlech #Hack #CyberAttack #SecureChannels #Government

Secure Channels BRINGS to market data encryption, cryptographic protocols, and access control/ privileged access/ user authentication technologies in the form of licensable tools, end user platforms and purpose-built solutions, SERVING software & application developers, hardware OEM and device manufacturers, and enterprise organizations, WHO place a premium on cybersecurity, risk reduction, and operational performance benefits or competitive differentiation provided, ALLOWING them to replace, augment, or introduce to new cryptography into their products or environments, PROVIDING material and measurable cybersecurity protections, risk reduction and data breach mitigation.

Secure Channels Inc. 

16400 Bake Parkway, Suite 100  |  Irvine, CA 92618  |  T: (855) 825-6766  |  E: contact@securechannels.com

Follow us!

  • Facebook
  • LinkedIn
  • Twitter

Copyright © 2020 Secure Channels Inc. All rights reserved