NSA Gen. Ret. Keith Alexander to Banksters: "we’re going to have a 9/11 in cyberspace"

If he is selling the news to Wallstreet, so they will hit in Europe...


"In the interview, Alexander said that a successful major attack on a bank would shake consumer confidence even if the institution were able to recover quickly.

“If all your banking stuff was just wiped out” and the bank had no record of how much money its customers had on deposit, they could go back to their last surviving record -- but that might not be today,” Alexander said.
...

Some state regulators also have been leaning on the banks they supervise.

“I don’t want to be Chicken Little and say the sky is falling,”
Benjamin Lawsky, superintendent of New York’s department of financial
services, said in an interview. “But we really need to focus on this issue.”
...

“What I’m concerned about is we’re going to have a 9/11 in cyberspace,” he said. “We don’t need to suffer this kind of attack.”

www.bloomberg.com...


Ukraine crisis and Iraq are already weakening Europes natural gas supply, this weakens the EU power grid since that gas is needed for the turbines that are leveling the highly volatile green energy supply from wind and sun. A 9/11 format cyber attack on banks, exchanges and power grid in Europe would kill the world markets.

Smells like the V date 15th of july could mean some wicked fun. North stream pipeline next, cyberwar after until september, Russia as the scapegoat?

Well no crap. If you've been yelling "Too big too fail!" from the rooftops about the major banking corporations for the last 6 or so years, eventually some bad dude is going to figure out that that is a GREAT place to make an attack since knocking even one of those corporations down would cause CRAZY ripples throughout the western economies.

a reply to: greyhat

With so much data redundancy today, I don't even see how a major attack would happen where all information was wiped away clean...

a reply to: jhn7537

Companies don't back up all information daily. They have daily, weekly, monthly, and yearly backups. So while much of the vital information may be backed up daily, some simple information could be backed up weekly or monthly and be out of date if a data loss occurred. Also, backups fail from time to time. What if the attack was just lucky enough to occur when the backup fails to backup properly? Day old financial information is HUGELY out of date and just loading up that information alone would still cause billions of transactions to be unrecoverable or lost.

a reply to: Krazysh0t

I would agree that most companies don't back up daily, but I'm sure major banking institutions are constantly backing up their critical data. Not to mention most companies have DR plans and co-location sites to give them more points of contact. I guess anything is possible, I just see it being highly unlikely.

a reply to: jhn7537

You aren't getting my point. Even day old information is massively out of date when it comes to banking information. As we currently cannot backup instantly as data is generated (yet), daily is the soonest we backup. If the last transaction that was backed up at the bank occurred at 12 midnight last night and the attack occurred at 4 pm the next day, what about all those transactions between midnight and 4 pm?

a reply to: greyhat

So this is the same Gen Alexander who said NSA surveillance techniques had stopped 50 attacks since 9-11. Yet there is no proof of a single one. Let me know when he is not beholden or a puppet to Big Business and the Govt. I trust him about as far as I can throw him. He lied to Congress (under oath) knowingly and should be either in jail or facing a trial as we speak now. I mean he may have a point about this actually.... But who can believe a word he utters now. This is his way to try and get more power... More authority and more resources for the 3 letter agencies he worked for to spy and watch American citizens to a further degree.

originally posted by: jhn7537
a reply to: greyhat

With so much data redundancy today, I don't even see how a major attack would happen where all information was wiped away clean...

If it were my job i would change data over a longer period in the background in order to contamine backups and wipe later.

Someone was able to slow down a HFT hedge fund in the background, so this should be possible.

www.zerohedge.com...

a reply to: greyhat
If Gen. Alexander can't get more money/power from Congress - he can just go to the Banks.
They'll be sure he get's what he's asking for...

please please.... wipe out The Chase bank Mortgage Financial Directory !!!!!

a reply to: Krazysh0t

When I worked as a courier for a bank, all the records were backed up on tape daily, and I was required to take them to be "processed" at some place across town every day. The tapes were in this James Bond-esque locking briefcase.

I don't know about all banks and financial institutions though.

originally posted by: MystikMushroom
a reply to: Krazysh0t

When I worked as a courier for a bank, all the records were backed up on tape daily, and I was required to take them to be "processed" at some place across town every day. The tapes were in this James Bond-esque locking briefcase.

I don't know about all banks and financial institutions though.

I believe you, but again there is still a gap in the backup when it is done daily. See my example above about daily backup at midnight but data loss 16 hours later. What about all that lost data for the last 16 hours? With banks, that is MILLIONS if not BILLIONS of transactions.

originally posted by: Krazysh0t

originally posted by: MystikMushroom
a reply to: Krazysh0t

When I worked as a courier for a bank, all the records were backed up on tape daily, and I was required to take them to be "processed" at some place across town every day. The tapes were in this James Bond-esque locking briefcase.

I don't know about all banks and financial institutions though.

I believe you, but again there is still a gap in the backup when it is done daily. See my example above about daily backup at midnight but data loss 16 hours later. What about all that lost data for the last 16 hours? With banks, that is MILLIONS if not BILLIONS of transactions.

Anyone in IT certainly understands daily backups, but financial companies (especially those with a national or international presence) are also using techniques like log file shipping to other geographic areas to minimize data loss. Even at my own small company, I can move data and servers with virtualization and live migrations and end users are none the wiser, and that's on my very, very small IT budget.

It may be difficult to recover every single transaction, but your scenario of losing 16 hours of data is more likely with a smaller bank without large IT resources.

originally posted by: peter_kandra
It may be difficult to recover every single transaction, but your scenario of losing 16 hours of data is more likely with a smaller bank without large IT resources.

The limit is "time to bank run". How much time may a recovery take?

a reply to: greyhat
To clarify a little on the main/backup data centres, imagine it like a non-local encrypted RAID system. By law, at least in Canada anyway, banking backup data centres have to be at least 60 miles away from the main data centre at head office just in case of nuclear war or other major catastrophe. They use encrypted servers/clients at both ends to update data "on the fly" for the backup servers and use a private network that doesn't even interface to the internet, meaning their own leased fiber optic cables.

Getting to the head office servers is difficult, but can be done through the ATMs and local bank network feed systems. It could be done by simply adding a promiscuous server between the bank and head office then skimming data until you had the "local" keys to the kingdom or maybe by inserting buffer overflow attacks but this kind of attack will be noticed quickly so the whole hack, crack and insert virus process would have to be automated and operate within a second or two, that might work. But really that's probably not enough, more than likely now you would need physical superuser/admin access at head office to get that virus in place from a local networked superuser/admin allowed machine or directly at the main data centre servers.

But there is still another problem, you can possibly take control of the main servers, but in order to change the data, you have to do it in the main data centre servers as well as the backup data centre servers, in sync and over time, it can't all be done at once or with too much data change or the system halts. So, you would have to understand the system and use it against itself, over time, but even that sets off warning flags. A good hacker might need a day or two going in "blind" to figure all this out and take intelligent control, but that is way too much time, they would be caught.

So the insertion of an automated control system would have to be implemented physically at the main head office servers and the data centre servers in sync, however that is only good if one is running a "scorched" earth program.

This is purely examining the nature/security of main/backup data centres and I don't suggest anyone attempt this, so it's informational only.

Cheers - Dave

originally posted by: jhn7537
a reply to: greyhat

With so much data redundancy today, I don't even see how a major attack would happen where all information was wiped away clean...

You press an excellent point, I however have 3 letters for you...
I.R.S.!

originally posted by: g146541

originally posted by: jhn7537

a reply to: greyhat



With so much data redundancy today, I don't even see how a major attack would happen where all information was wiped away clean...

You press an excellent point, I however have 3 letters for you...

I.R.S.!

"Not only did the evil doers wipe out the data, they also recycled the harddrives inside the bank."

Personally, I'm beyond offended to read a government official invoking the spirit of 9/11 in reflection of an economic attack. Real lives were lost on 9/11... 2,977 real people died alongside 19 subhuman savages on that day. Nice to see the feds have essentially applied a monetary value to that event for use in categorizing and comparing cyber attacks to physical attacks.

a reply to: peter_kandra

Ok fair enough. I guess it all depends on the banking corporation and how cocky they are with their security and backups I guess.

a reply to: greyhat

Remember this?
www.washingtonpost.com...

Purportedly, the Syrian Electronic Army simply hacked multiple twitter accounts of news sites, issued a false tweet on the loss of the president due to terrorism and it sent the automated portions of the market into a selling frenzy and nearly crashed the market. It recovered rapidly; however, they exposed a weakness in the way things are done by the largest investment firms and banks and it did cause a blow to public confidence.

So yes, the system is vulnerable as Alexander points out and all it takes is more of these kind of events to have that "terrifying" loss of public confidence. Public confidence is the name of the game for most investment firms and banks as it is a tremendous market driver.

Where I disagree with Alexander is in this idea that it would be the "9/11 in cyberspace". For that, I'd like to make him wash his mouth out with soap. People died in horrendous ways on 9/11. Conjuring that image for an electronic attack on Wall Street or the major banks is just rude and tasteless fear mongering.

a reply to: bobs_uruncle

Dave, thx, i did my first DRBD pair around 2008, i understand the technical part quite well.

The server is not the biggest problem. How do we keep root from doing bs?