http://www.securitiesindustry.com/article.cfm?articleid=16211 By John Sandman Standards Editor September 27, 2005 The Financial Crimes Enforcement Network's (FinCEN) QuikNews Web site was hacked last week. The identity and location of those responsible have yet to be determined. The Treasury Department agency, responsible for enforcing regulations against money laundering and terrorist financing, responded by closing down the news site. A mass e-mail went out from the FinCEN QuikNews address last Friday that contained two photos, one showing a street in what appeared to be a Middle Eastern town or city with a large pool of blood. The other was of a purported Iraqi child lying in what appeared to be a hospital bed next to a woman dressed in a chador. Above the photos was the caption: "take back your monsters (army)/you killed my father and mother/what you want???/ i know (oil) [sic]." The e-mail, which carried the apparently legitimate FinCEN QuikNews return address, was time-stamped at 10:02 Friday morning, a day before an anti-war demonstration in Washington. No one from FinCEN commented on any possible link between the demonstration and the timing of the security breach, or the fact that a Treasury Department official was speaking on terrorist financing and money laundering at a conference in Washington, D.C. when the breach occurred. At 10:25 FinCEN sent its own message: "You may have received a message this morning which appeared to originate from FinCEN's QuickNews system. This message was not sent by FinCEN and we are currently investigating its origins." A second message, which described QuikNews as a subscriber-based e-mail service that is hosted externally and is separate from FinCEN's main Web-based operations, said QuikNews, "appears to have been compromised this morning. We are investigating this incident." Because the compromised system is "outside FinCEN's security perimeter and is not connected to other FinCEN systems," the message continued, "Bank Secrecy Act data and all other sensitive information maintained by FinCEN was in no way, shape or form compromised by this incident." As of 5:00 p.m. the site was shut down permanently and FinCEN said it planned to reinstitute a notification service without reusing the same mailing list. FinCEN contacted law enforcement agencies, but spokesperson Anne Marie Kelly did not identify which ones. Data security has long been a preoccupation of the securities industry, even before the attacks on New York and Washington, D.C. on Sept. 11, 2001. The House Government Reform Subcommittee on Management, Finance and Accountability is holding hearings on the subject this week, with Nasdaq CIO Steve Randich expected to testify. The timing of the FinCEN incident was made more awkward by a Sept. 23 speech that was being given at a World Bank-IMF program in Washington, D.C. by Daniel L. Glaser, acting assistant secretary of terrorist financing and financial crimes at the Treasury. "The international financial system is only as strong as its weakest link," Glaser stated during his panel, which was assembled to bring together policy makers and regulators that were building effective anti-money-laundering and -terrorist-financing systems. "Financial centers that are susceptible to abuse provide terrorists and criminals with access to the international financial system as a whole. Therefore, efforts to combat terrorist financing must be uniform and global. Laxity in just a few jurisdictions undermines the efforts made by the rest." _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Tue Sep 27 2005 - 22:03:02 PDT