Asia-Pacific
FBI probes cyber attack on Citigroup: WSJ
(Agencies)
Updated: 2009-12-23 09:31
 |
Large Medium Small |
|
 Citigroup Chairman Richard Parsons waits for an address by President Barack Obama about the global financial crisis, at Federal Hall in New York September 14, 2009. [Agencies]? |
NEW YORK: The US Federal Bureau of Investigation is probing a computer hacking that targeted Citigroup Inc and resulted in the theft of tens of millions of dollars, The Wall Street Journal reported on Tuesday, but the financial institution denied its systems had been breached.
"There has been no breach and there have been no associated losses," Citigroup said in a statement.
"Occasionally, as with virtually all financial institutions, there are instances of fraud or breaches of third-party systems that result in our taking actions to protect our customers and Citi," the bank added.
The attack on Citibank is believed to have taken place over the summer and was detected at that time, but investigators suspect it could have taken place up to a year earlier, the paper said.
Two other entities, including a US government agency, were also attacked by hackers, the paper said, citing people familiar with the Citibank incident.
FBI spokesman Richard Kolko declined to comment, saying it is agency policy to neither confirm nor deny whether investigations are in progress. A spokesman for the Department of Homeland Security also declined to comment.
The issue of computer hacking financial institutions has been a growing concern. And after months of searching, the White House said on Tuesday that President Barack Obama picked an expert to serve as the national cyber security coordinator.
Howard Schmidt is president of the Information Security Forum, a nonprofit consortium of 300 large corporations and public-sector organizations working on cybersecurity issues. He also worked under US President George W. Bush on cyber issues.
"Most financial institutions of this magnitude are working extremely hard to avoid this kind of thing and be out ahead of it," said Scott Vernick, a lawyer at Fox Rothschild LLP whose practice includes electronic data securities matters.
"The problem is the criminals are working even harder," Vernick added.
The Wall Street Journal mentioned a Citibank customer who saw more than $1 million removed from his account and sent to banks in Latvia and Ukraine. The bank helped him recover most of the money and reimbursed him for the rest, the newspaper reported, adding that it was not clear whether the incident was part of the larger attack on Citigroup.
In a statement, the bank said it was an isolated case of fraud.
Citigroup also said that attacks are directed against companies globally, and while there had been attempts to interfere with the bank's systems, none had been successful.
But Fred Cate, director of the Center for Applied Cybersecurity Research at Indiana University, said, "I don't want to sound alarmist ... but the evidence is just overwhelming today that attacks are successful in many instances, particularly socially engineered attacks."
