thewayne: (Cyranose)
The Wayne ([personal profile] thewayne) wrote2014-05-05 03:57 pm
  • Add Memory
  • Share This Entry

How the Feds prevent cyber attacks against the Federal Reserve

Very interesting article about some of the internals of the people responsible for constantly monitoring the Federal Reserve's networks for data being exfiltrated or computers on their network being compromised. They will detect if you plug in an unauthorized USB device and your computer can be instantly shunted in to a walled garden until it can be seized and searched for badness.

Amazing job these people do. This article originally appeared on the Foreign Policy web site under a really ridiculous registration system.

http://foreign-policy6.blogspot.com/2014/04/exclusive-meet-secret-fed-cyber.html
Flat | Top-Level Comments Only
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)

[personal profile] silveradept 2014-05-07 04:02 pm (UTC)(link)
Interesting. Clearly, whatever it is they're doing, it's working. Maybe some other entities could stand to learn from them.

[identity profile] thewayne.livejournal.com 2014-05-11 05:48 pm (UTC)(link)
Some firms do have pro-active groups like this, but I think it's a question of scale. Most companies can't afford to do something like this, and a lot that could afford are being run by profit-maximalists and won't fund an operation like this. They did mention that they will extend their services if asked when member banks are attacked and will share information with member banks, they definitely have the advantage of the absolute need for security and solid government funding.

I wonder if we were able to talk to someone from them, what their opinion would be on their funding level.
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)

[personal profile] silveradept 2014-05-11 07:52 pm (UTC)(link)
They probably would say they need more funding.

I still don't understand how profit-maximalists can get away with not thinking about possible liability in case of a data breach, though.

[identity profile] thewayne.livejournal.com 2014-05-12 12:12 am (UTC)(link)
Quarterly profits > cost center that doesn't contribute to profits. If they get hit by a hack, chances are they have insurance,so anything that would drive down dividends and stock prices is not as important. Plus, golden parachutes.
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)

[personal profile] silveradept 2014-05-12 12:37 am (UTC)(link)
Oh, so we need to tie both corporate profits and executive salaries to data security, so that anyone suffering a hack forfeits their profits for the year and their executives get paid nothing.
Flat | Top-Level Comments Only