08 February 2013

Once more unto the breach

Cross-posted to Elsewhere


"Federal Reserve hacked"

Hacked is the mighty Federal Reserve! I would've wrote. This being reported only days ago alleges "Anonymous" hacked into their secure internal domain, further alleging to steal private info on thousands of FedRes employees.

This seems to me as an outright breech of the Fed's security implementation, for security purposes they did not reveal how it was done, but that it involved a "temporary vulnerability in a website vendor product", which leaves me to believe a group-licensed application was exploited and used to disguise the breach.

Behind layers of security redundancies their more sensitive data remains unaffected, call me crazy, I know identities can be used for espionage in the financial sector, but I assume the network infiltration was in attempt to access and manipulate monied accounts. In sinister form 'Anonymous' hackers have shared the data retrieved on FedRes employees in part to remind the financial institution titan where they plausibly stand in the digital world and their susceptibilities regarding their employee regime. Could it be a public relations stunt, could Anonymous be claiming responsibility for someone else's work, regardless of those questions, the network is always connected, security is a must.

I would potentially beef-up security by adding layers of redundancy, encryption policies, and secure and encrypted log-on mechanisms and practices, as well as review the human element in the digital trespass.

The article goes on to hint that the hack-in was in response to a fellow hacktivist suicide and that the hack reached a level of FedRes operations responsible for inter-bank mundane communications involving literal water floods and other natural disasters the like. I imagine this means the mail server was poached via a recently installed accounting program.