WASHINGTON (Reuters) – The U.S. Federal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as “espionage,” according to Fed records.
The central bank’s staff suspected hackers or spies in many of the incidents, the records show. The Fed’s computer systems play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets.
The cybersecurity reports, obtained by Reuters through a Freedom of Information Act request, were heavily redacted by Fed officials to keep secret the central bank’s security procedures.
The Fed declined to comment, and the redacted records do not say who hacked the bank’s systems or whether they accessed sensitive information or stole money.
“Hacking is a major threat to the stability of the financial system. This data shows why,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, a Washington think tank. Lewis reviewed the files at the request of Reuters.
For a graphic on the Fed security breaches, see: tmsnrt.rs/1TxSu8R
The records represent only a slice of all cyber attacks on the Fed because they include only cases involving the Washington-based Board of Governors, a federal agency that is subject to public records laws. Reuters did not have access to reports by local cybersecurity teams at the central bank’s 12 privately owned regional branches.
The disclosure of breaches at the Fed comes at a time when cybersecurity at central banks worldwide is under scrutiny after hackers stole $81 million from a Bank Bangladesh account at the New York Fed.
Cyber thieves have targeted large financial institutions around the world, including America’s largest bank JPMorgan, as well as smaller players like Ecuador’s Banco del Austro and Vietnam’s Tien Phong Bank.
Hacking attempts were cited in 140 of the 310 reports provided by the Fed’s board. In some reports, the incidents were not classified in any way.