The Chinese government is the likely culprit in several high-profile hacks on the Federal Deposit Insurance Corporation from 2010 to 2013, and agency officials tried to cover it up, according to a new Congressional report.
The Wednesday report, released by the House of Representatives’ Science, Space and Technology Committee, cited an internal FDIC report that identified Beijing as an attacker that compromised 12 computers and 10 backrooms servers at the FDIC.
“In essence, a foreign government penetrated FDIC's computers and the workstations of high-level agency officials,” including the chairman, chief of staff and general counsel, the report said.
The investigation said that the attacks were covered up in order to protect the position of FDIC Chairman Martin Gruenberg, who took office in 2011.
“The committee's interim report sheds light on the FDIC’s lax cyber security efforts,” said Chair Lamar Smith (R-Texas). “The FDIC's intent to evade congressional oversight is a serious offense.”
In a recent internal review, the FDIC admitted that it “did not accurately portray the extent of risk” to Congress and that recordkeeping “needs improvement.” The agency now claims that it is in the process of updating its policies.
Gruenberg is being summoned before the congressional committee on Thursday to explain the debacle.
The report comes at a time when there is growing focus on cybersecurity, especially in the realms of finance and national security.
The report also said that FDIC has a culture of secrecy that allowed for investigators to be misled. An unnamed whistleblower claimed in the report that Pittman “instructed employees not to discuss... this foreign government penetration of the FDIC's network” to avoid getting in the way of Gruenberg's confirmation by the Senate in March 2012.
The Chinese Embassy in Washington told the Associated Press that it did not have detailed information on the report's findings.
“China firmly opposes and is committed to combatting all forms of cybercrimes,” embassy spokesman Zhu Haiquan said in a statement. “China and the United States have already established a high-level joint dialogue mechanism on fighting cybercrime and related issues. This is the best channel for both sides to address this challenge. Making unfounded accusations is counterproductive.”