Cross-posted to Elsewhere
http://www.guardian.co.uk/business/2013/feb/06/federal-reserve-anonymous
"Federal Reserve hacked"
Hacked
is the mighty Federal Reserve! I would've wrote. This being reported
only days ago alleges "Anonymous" hacked into their secure internal
domain, further alleging to steal private info on thousands of FedRes
employees.
This seems to me as an outright breech of the Fed's security
implementation, for security purposes they did not reveal how it was
done, but that it involved a "temporary vulnerability in a website
vendor product", which leaves me to believe a group-licensed application was exploited and used to disguise the breach.
Behind
layers of security redundancies their more sensitive data remains
unaffected, call me crazy, I know identities can be used for espionage
in the financial sector, but I assume the network infiltration was in
attempt to access and manipulate monied accounts. In sinister form
'Anonymous' hackers have shared the data retrieved on FedRes employees
in part to remind the financial institution titan where they plausibly
stand in the digital world and their susceptibilities regarding their
employee regime. Could it be a public relations stunt, could Anonymous
be claiming responsibility for someone else's work, regardless of those
questions, the network is always connected, security is a must.
I
would potentially beef-up security by adding layers of redundancy,
encryption policies, and secure and encrypted log-on mechanisms and
practices, as well as review the human element in the digital trespass.
The article goes on to hint that the hack-in was in response
to a fellow hacktivist suicide and that the hack reached a level of
FedRes operations responsible for inter-bank mundane communications
involving literal water floods and other natural disasters the like. I imagine this means the mail server was poached via a recently installed accounting program.
Insincerely,
Anonymous