by Susanne Posel
July 16, 2014

from OccupyCorporatism Website








Jack Jew, Secretary of the Department of the US Treasury told the press at a conference called the CNBC Institutional Investor Delivering Alpha (IIDA) that hundreds of cyber-attacks on the financial system (i.e. banks and other monetary institutions) hold,

"the potential to cause massive economic damage if 'core operational functions' of major financial institutions were compromised."

Lew emphasized that utilities corporations have been victims of cyber-attacks as well and this,

"incursion at a strategic point along the network could lead to market disruption and massive harm."

The Treasury Secretary said:

"Far too many hedge funds, asset managers, insurance providers, exchanges, financial market utilities, and banks should and could be doing more. In particular, it is imperative that firms collaborate with government agencies and with other firms.


Disclosing security breaches is often perceived as something that could harm a firm's reputation. This has made many businesses reluctant to reveal information about cyber incidents."

The warning included threats that,

"the consequences of cyber incidents are serious. When credit card data is stolen, it disturbs lives and damages consumer confidence. When trade secrets are robbed, it undercuts America's businesses and undermines U.S. competitiveness."

Earlier this month the,

  • American Bankers Association (ABA)

  • Financial Services Roundtable (FSR)

  • Bank of America (BoA),

...called for the passage of a proposed cybersecurity bill through the Senate that would save banking customer's account balances from hackers.


Wall Street and technocratic corporations are decrying a need for,

"a government-industry cyberwar council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances."

In 2012, Kaspersky Lab, a Moscow-based computer security firm has found a cyber surveillance virus that was,

  • spying on banking transactions

  • stealing login information for social networks, email and instant messaging in the Middle East,

...specifically targeting Lebanon's,

  • BlomBank

  • ByblosBank

  • Credit Libanais,

...and infected computers also include,

  • CitiGroup Inc.'s Citibank

  • eBay's Paypal online payment system

The virus' focus on online banking makes it a potential threat to banking systems worldwide.


Researchers warned that this virus was conducting surveillance on banking transactions and being used to steal money out of targeted accounts. The virus called called Gauss was a new virus; related to Stuxnet, Flame and Duqu, yet a more sophisticated, state-sponsored cyber-espionage tool.


Researchers from the security software manufacturer Symantec Corp, confirm Kaspersky Lab's summation that Gauss is related to previous government-created cyber warfare viruses.


Gauss is capable of being used as a weapon to attack industrial control systems, just like Stuxnet which was used to go after Iran's Natanz nuclear power plant facility in 2010.


Gauss can encrypt programs that are compressed onto a USB drive and decompress them once the virus is able to contact to a targeted computer.


Kapersky Lab stated:

"After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same 'factory' or 'factories.' All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations."

The Department of Homeland Security (DHS) analyzed Gauss' potential threat to the US.


Peter Boogaard, DHS spokesperson commented:

"The department's cyber security analysts are working with organizations that could potentially be affected to detect, mitigate and prevent such threats."

Because of the fiasco in mortgage-backed securities that begun in 2008, the international banks have been propping up the American financial system to stave off a complete monetary collapse in the US.


If the intention is to cause another upset in the global monetary system, Gauss may be the mode in which they are able to carry this out.


Just like during the MF Global scandal where Jon Corzine ordered segregated customer funds to be secretly redirected into accounts in JPMorgan, Gauss could redirect funds from bank accounts to undisclosed places.


Guass, which is an online banking surveillance virus, has the capability of electronically transferring information out of customer accounts to be redirected to another location. The banking industry, who is now threatening the wipe-out of customer accounts, would be dramatically affected by Gauss were this virus to cause every banking customer to become insolvent overnight.


Imagine the call for a banking holiday because Gauss has infected the all domestic financial computer systems. In order to purge the virus, all banks would need to shut down for a specified amount of time in order to reconfigure their computers.


Perhaps on a Friday afternoon, the major banks will all announce that they will shut down to customer activity so they can "get rid of" Gauss from their system.


The banks might say that they will reopen to the public on Monday morning only to find that customer funds were electronically transferred from private checking accounts out to off-shore banks where they could not be touched.


Two years ago, Trusteer, the Israeli-based security firm, discovered a banking virus that will steal funds from customers and cover its tracks in the process.


This new creation from the SpyEye Trojan will,

"swap out banking Web pages... preventing customers from realizing that their money is gone."

This Trojan waits patiently for the user to visit their online banking site, copies their login and password, then divulges the personal data surveyed; such as debit/credit card information.


When the user inputs their credit/debit card information in to conduct a purchase, the Trojan will swap web pages and siphon out the funds. According to Truseeter, this is a "post transaction attack".


The cover-up capability of this Trojan is remarkable. It will edit balance amounts, line by line transactions, and all activity that would trigger suspicion by the owner of the account.


In 2011, SpyEye Trojan attacked Android mobile online banking by siphoning out data from the customer to be used by the hacker.


SpyEye also changes while circumventing mobile SMS which is a security measure taken by banks when a customer is conducting online account transactions to certify that the correct user is conducting the business.


SpyEye was victimizing Verizon customers with fake billing pages that require the customer to log in which reveals personal financial data to the virus concerning the user.


This Trojan can deter anti-virus software, jumping over firewalls and sit undetected between the browser and the computer redirecting the user to pages without ever being caught.