Americans’ bank info could be at risk in possible Fed hack

A Russian hacking organization appears to be in the process of blackmailing the Federal Reserve. 

On June 23, 2024, the criminal organization LockBit 3.0, a Russian ransomware cybercriminal group, publicly stated that it hacked the Federal Reserve and implied it would release over “33 terabytes of juicy banking information containing details of Americans’ banking secrets” unless a large ransom is paid.

More specifically, the cyber-terrorist organization says the Federal Reserve and the U.S. government have until tomorrow afternoon, June 24, at 4:27 p.m. EDT to comply with its undisclosed monetary demands. A LockBit Tweet last night alludes to the hacking group’s displeasure about the Federal Reserve’s response to their demands:

“You better hire another negotiator within 48 hours, and fire this clinical idiot who values Amercans’ bank secrecy at $50,000.”

Only a flurry of cyber security news websites have reported on this situation so far.

Meanwhile, the Fed itself has not yet confirmed publicly that indeed this serious hack has actually occurred, as LockBit claims.  

US and Russian LockBit hackers are locked in battle

It’s possible LockBit cyber terrorists are simply playing a prank… and that they have not actually accessed and downloaded 33 terabytes of sensitive data from Federal Reserve servers.  They have played such pranks in the past.

Brett Callow, a threat analyst at the cybersecurity firm Emsisoft, told the Daily Dot that he believed LockBit was merely attempting to garner attention.

“LockBit’s claim is likely complete and utter bollo… erm, nonsense, and a tactic designed to get its ailing RaaS [Ransomware-as-a-Service) back into the limelight.”

Given the Tuesday deadline, though, it may not be long until we find out.

To be sure, there certainly has been an ongoing battle between LockBit and the United States government.

According to Simon Sharwood of The Register, on February 19, 2024, the National Crime Agency, in collaboration with Europol and other international law enforcement agencies, seized control of darknet websites belonging to the LockBit ransomware gang as part of Operation Cronos.

Only weeks ago, the FBI released 7,000 decryption keys that it obtained from the group – keys that would enable prior victims of ransomware attacks to finally access their frozen data.

Also, one month ago, the U.S. government indicted and imposed international sanctions on LockBit’s administrator Dmitry Yuryevich Khoroshev.

According to the U.S. Department of State, as of May 7, 2024, the government is offering a reward of up to $10,000,000 for information leading to the arrest and/or conviction of LockBit’s Dmitry Khoroshev in any country. 

This most recent U.S. response was triggered by LockBit’s activities in May 2024, when the organization conducted more successful ransomware attacks around the world than any other terroristic cybergroup. 

LockBit started its activities around 2019 and has since conducted multiple high-profile ransomware attacks on major companies, banks, and government departments around the world. 

Some of LockBit’s most prominent attacks have included the United States Department of Justice, Fulton County Georgia Boeing, British Royal Mail, Taiwan Semiconductor Manufacturing Company Limited (TSMC), and the Port of Nagoya in Japan.    

The U.S. government tends to not pay ransom demands since doing so encourages further hacks and uses of ransomware. Instead, the DOJ and other departments tend to pour more resources into finding the culprits in partnership with international agencies, while remediating the damages.

A hack of Federal Reserve data could be damaging

If LockBit 3.0 indeed has 33 terabytes of Federal Reserve data, the implications could be severe. 

Private citizens could be more vulnerable to identity theft, to say nothing of the breach of Americans’ privacy relating to their past spending habits, social security and bank account numbers, and other private information. 

More fundamentally, such a hack could further undermine the confidence in the Federal Reserve System worldwide.

Meanwhile, ransomware attacks connected with the financial system could prompt central planners to attempt to fast-track a central bank digital currency (CBDC) as a means to “protect” the U.S. dollar (aka the Federal Reserve Note) and supposedly provide more security via blockchain technology.

No matter the response, a serious hack of the Federal Reserve conceivably poses a threat to national security, the stability of the Fed, the fiat dollar, and the current monetary system. Confidence can be fleeting. And when there’s little more than confidence backing the whole system, we’re indeed in a precarious situation.