The Curious Case of Cybercrime at Citigroup


On the same day that the Obama administration is finally expected to appoint a new cybersecurity coordinator, it came to light that the FBI was investigating a possible theft of tens of millions of dollars from Citigroup’s Citibank subsidiary. Information about the breach is sparse at the moment, but it seems to have happened several months ago and could be tied back to the ‘Russian Business Network’, a Russian gang of cybercriminals. The details are so murky that Citigroup won’t even admit it has occurred:

Joe Petro, managing director of Citigroup’s Security and Investigative services, said, ‘We had no breach of the system and there were no losses, no customer losses, no bank losses.’ He added later: ‘Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true.’

If it is true, and the numbers of dollars stolen prove to be accurate, then there has been nearly $300 million stolen in the U.S. alone last year by cybercriminals. And this includes only the losses banks and other organizations have actually reported. The number is certainly much higher. Cyberattacks against U.S. businesses have gotten so bad that former White House cybersecurity director Melissa Hathaway has declared it an epidemic.

We could keep spouting out depressing numbers and the fact that attacks like this will be commonplace in 2010. But we are in the middle of the holiday season, so let’s bring some of that optimistic spirit to the table. Reading The Wall Street Journal’s report of the Citibank attack, one line seemed to be the silver lining:

The FBI and the National Security Agency, along with the Department of Homeland Security and Citigroup, swapped information to counter the attack, according to a person familiar with the case.

Obviously none of these agencies are publicly commenting on this attack, so we can’t be sure how closely they worked together, how quickly information was shared and what they did to ‘counter the attack’. But this is a bright spot in our fight against cybercriminals. In July of this year I wrote ‘Four Critical Priorities for USCYBERCOM’, in which I spent much of the post urging more communication across agencies, not only to help counter any attacks, but to help prevent attacks from spreading throughout our critical infrastructure. In this case it seemingly happened.

Many folks might be surprised to see DHS and NSA working on a bank robbery. But today’s bank heists not only mean millions of dollars stolen, but may also be a harbinger of broader attacks. Get into the door at Citibank and you can conceivably connect to other banks and organizations, including government agencies, doing business with the bank. Makes sense to get DHS and NSA working with the FBI right away.

Should be an interesting first day for Howard Schmidt.

