Washington: The FBI is investigating how hackers, believed sponsored by China's military, infiltrated computers at a US federal agency that regulates commercial banks for several years beginning in 2010.
The agency, the Federal Deposit Insurance Corporation (FDIC), is one of three that oversees confidential plans for how big banks would handle bankruptcy. It has access to records on millions of individual American deposits.
The security breach, in which hackers gained access to dozens of computers including the workstation for former FDIC Chairwoman Sheila Bair, has also been the target of a probe by a congressional committee, according to people with knowledge of the matter.
Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach.
Reuters was not able to review those records, and could not determine how long the FBI probe has been open, though it was described as still active. A third person with knowledge of the matter confirmed the FBI had opened a probe.
FDIC spokeswoman Barbara Hagenbaugh declined to comment on the previously unreported FBI investigation, or the hack's suspected sponsorship by the Chinese military, but said the regulator took "immediate steps" to root out the hackers when it became aware of the security breach.
After FDIC staff discovered the hack in 2010, it persisted into the next year and possibly later, with staff working at least through 2012 to verify the hackers were expunged, according to a 2013 internal probe conducted by the FDIC's inspector general, an internal watchdog.
The intrusion is part of series of cybersecurity lapses at the FDIC in recent years that continued even after the hack suspected to be linked to Beijing. This year, the FDIC has reported to Congress at least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016.
An annual report by the regulator said there were 159 incidents of unauthorised computer access during fiscal year 2015, according to a redacted copy obtained by Reuters under a Freedom of Information Act request. Rather than major breaches by hackers, however, these incidents included security lapses such as employees copying sensitive data to thumb drives and leaving the agency.
Twenty of the incidents were confirmed data breaches, according to an FDIC document by the US House of Representatives Committee on Science, Space and Technology. That represents a higher number than was previously reported by the regulator under reporting guidelines for major incidents.
Throughout the lapses, the FDIC has said it is stiffening information security standards, including a ban on thumb drives and more coordination with the Department of Homeland Security to prevent hacks.
"We are continuing to take steps to enhance our cybersecurity program," Hagenbaugh said.
An audit by the FDIC's inspector general in November found the FDIC was failing to do "vulnerability scanning" in an important part of its network, a standard technique used to detect hackers. The audit stated the FDIC was working to address the shortfall.
The FBI declined to comment on its investigation. When asked about China's possible role in the 2010 hack, Chinese Foreign Ministry spokeswoman Hua Chunying said: "If you have no definitive proof, then it is very hard for you to judge where the attacks really come from".
Washington has accused Beijing of hacking government offices before, including the theft of background check records from the Office of Personnel Management.
It was not clear whether the FBI probe of the FDIC hack would result in any action against China or whether the issue would be taken up by President-elect Donald Trump, who has vowed to confront China on trade issues.
The Obama administration has struggled to develop a clear strategy for responding to cyber attacks, due to the difficulty of identifying hackers and fears of escalation.
That challenge was thrown into relief by hacks during the US presidential election which the CIA and FBI concluded were carried out by Russia to help Trump win. Russia denied the accusation.
The White House had no comment on the FDIC hack. Trump's transition team did not respond to a request for comment.
Last year, US President Barack Obama and Chinese President Xi Jinping reached an agreement to avoid economic cyber espionage on one another.
Reuters