Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.
"In a post on its victim-shaming site, ransomware group LockBit claimed Sunday evening that it had stolen 33 terabytes of data belonging to the Federal Reserve, and the group threatened a Tuesday evening release time. The Fed has not commented on the matter.
Brett Callow, a threat analyst at Emsisoft, said it was "highly likely, in my opinion" that the group is lying. "I believe it's far more likely that any data they do have relating to the [Fed] would have come from a third party," he said."
The scale of Russia-affiliated cybercrime is speculated far below pre-Ukraine war trajectory. U.S. and allies presumably have used the war to coordinate offensive attacks on a massive scale, knowing cybercrime's role in compensating for sanctions.
"BitCoin News" is a Twitter account, not a source. According to them, "They have set a deadline of June 25th for the ransom payment." How would the Fed make a ransom payment, exactly? Anyway, today is June 26.
If you think about it, if they did steal 33 TB of data and REALLY wanted a ransom, they would have been smart enough to leave an easy-to-find track once the Fed IT group knew to look for it, or they would have donated 1 TB of data back to the Fed to prove it. If they did anything like this, I am sure the Fed would not announce a successful breach for obvious millions of reasons, so I have concluded that, whatever the truth, it is being dealt with as best the government can. If they fail, THEN we will hear about whether it was or was not a verified breach. (Of course, any breach like OPM that involved theft of personal data of customers and employees would need to be reported quickly. If similar, the Fed would be very definitive about it.)
My gut feeling is that if a breach is not verified or is not verifiable, it did not happen. Otherwise, what kind of extortion is it anyway???
Comments
I saw the writing on the wall 15 years ago -- very glad I'm not in operational cybersecurity anymore!
U.S. and allies presumably have used the war to coordinate offensive attacks on a massive scale, knowing cybercrime's role in compensating for sanctions.
For attribution impact, governments don't much like this kind of publicity.
https://www.nytimes.com/2024/02/15/us/politics/hacking-russian-intelligence-routers.html
My gut feeling is that if a breach is not verified or is not verifiable, it did not happen. Otherwise, what kind of extortion is it anyway???
Unclear if this breach for Evolve Bank is from the Fed data. I also found a good open source - BNN.
https://x.com/mikulaja/status/1805913148660084932
https://www.bnnbloomberg.ca/evolve-bank-trust-confirms-its-data-was-stolen-in-cyber-attack-1.2089872