On April 24th, the St. Louis Federal Reserve’s popular data service, FRED, was hacked by unidentified assailants. For those who do not know, the Federal Reserve Economic Data (FRED) is a data aggregation and presentation service provided solely by the St. Louis Branch of the US Fed. Bankers, financial advisers, professors, and students (yours truly) all use the service to acquire the most up to date economic data on the US and various other nations.
However, the St. Louis Fed reports that no compromise was made to their data systems, so what gives? The hackers used what is known as ‘DNS spoofing,’ where they fool users’ browsers into thinking they are visiting the real login page and users then enter their login credentials into the fake website. Additionally, it is possible to install malware on the systems through which users attempt to login. All these possible actions result in the hackers getting access to precious user information, especially since many of those users are bankers, financial advisers, etc.
While nothing has occurred from this security breach, it does not take a lot of insight to see the possible end-game at play. Anyone who manages to get the login details of high profile financial workers possibly has the ability to breach more valuable systems, especially if those users do not practice adequate cyber security protocol (using different passwords for different sites, etc).
This is only my speculation, but DNS spoofing is far from new and the situation outlined above has definitely occurred before, albeit on a lower level. However, as day to day life is increasingly digitized, the importance of cyber security increases as well. What will happen is anyone’s guess.