Cybersecurity

Treasury Secretary warns of cyber threats to financial sector

Wikipedia image: Jacob Joseph

Treasury Secretary Jacob Lew said cyberattacks on the financial industry present "a real threat to our economic and national security."

Treasury Secretary Jacob Lew warned of the dangers of cyberattacks on the financial sector in a July 16 speech in New York City, calling the cyber defense of businesses and government "a central test for all of us going forward."

"When credit card data is stolen, it disturbs lives and damages consumer confidence. When trade secrets are robbed, it undercuts America's businesses and undermines U.S. competitiveness," Lew said. "And successful attacks on our financial system would compromise market confidence, jeopardize the integrity of data and pose a threat to financial stability."

Private firms are primarily responsible for protecting themselves against cyber threats, but government can help by prosecuting cyber criminals, holding "state-sponsored attackers accountable and [providing] critical intelligence about specific threats and to share best practices," he said.

Hackers have already taken aim at the U.S. financial sector, notably in September 2012 when several big banks were hit by distributed denial-of-service attacks. Then-National Security Agency Director Gen. Keith Alexander warned last year that a foreign nation could cripple America’s financial system with a cyberattack.

More than 250 DDOS attacks have hit U.S. banks and credit unions since 2011, Lew said.

"Cyberattacks on our financial system represent a real threat to our economic and national security, but a malicious cyber actor can cause catastrophic damage to our financial system without directly attacking a bank," he said.

"Risks to the system can be found at the vendors, suppliers and contractors who keep our financial system running," Lew added, referencing the hacking last year of billing information for tens of millions of Target customers. Hackers allegedly breached Target’s computer network through a heating and air conditioning contractor.

Lew beseeched financial services firms and vendors that serve them to use the Obama administration’s framework document for managing cyber risk for critical infrastructure. "Just as you consider your counter-parties when you take on financial risk, you should also consider your counter-parties in the area of cyber risk," he advised.

Lew joined a chorus of administration officials calling on Congress to pass a cybersecurity bill to bolster public-private information sharing of threats and to protect firms from liability for sharing such information.

"As it stands, our laws do not do enough to foster information sharing and defend the public from digital threats," Lew argued.

Experts have credited a $2 million grant from the Treasury Department in 2003 for boosting the effectiveness of the Financial Services Information Sharing and Analysis Center, a forum for banks and other financial firms to share cyber-threat information. In his speech, Lew highlighted a complementary tool available to the financial sector: a working group of cyber experts set up by the Treasury Department that feeds threat information to banks.

Thumbnail image: Jacob Lew and company touring Verizon.

Treasury Secretary Jacob Lew (right) speaks with Bryan Sartin (center), director of Verizon Enterprise Solutions' RISK Team, and Josh Sura, manager of Verizon's FiOS Network Operations Center. (Photo: Sean Lyngaas)

The Treasury secretary visited Verizon Enterprise Solutions' office in Ashburn, Va., on July 15 for a private briefing on cyber threats with Verizon executives. Lew then toured the telecom subsidiary’s network operations center, stopping for a minute to tell reporters, "we've made a lot of progress, but we still have work to do to make sure that our systems are all safe from cyber threats. It's a very important challenge that we face economically, and in terms of our security."

Michael Maiorana, a senior vice president of Verizon Enterprise Solutions who met with the Treasury secretary, said his main message to agency heads like Lew is that “their networks are under constant attack.” Federal chief technology and information security officers routinely come to VES’s sprawling Ashburn facility for detailed cybersecurity briefings, he said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group