The Fed learns from experience

The Fed learns from experience

Every cyberattack is a classroom. That's the view of the Federal Reserve.

To protect the Reserve's IT infrastructure, the systems team searches for lessons to be gleaned from each attack, said Mary Ann Emerson, the Federal Reserve Board's IT director.

'When money went from being physical in form to also being electronic, our security practices had to evolve as well,' Emerson said today at the Computer Security Institute's annual conference in Washington.

Her staff does after-action reviews of malicious code events. The Blaster attack review led to a major patch policy change, for instance.

When the Blaster worm appeared last year, the Fed had tested the Microsoft Corp. patch that would stop it, but policy required that it be deployed only on the weekend to avoid disrupting business operations. The worm forced all-night sessions to push the patch out early and create workarounds on unprotected machines, Emerson said.

As a result of that incident, the Fed now allows deployment of patches during the workweek.

The Sasser worm in May 2003 convinced the IT department to filter out all executable attachments on incoming e-mail.

The IT shop also can be proactive and has conducted stings to check compliance with its policies, Emerson said. During the tractor incident on the National Mall that tied up traffic in downtown Washington for three days, the IT staff sent out an e-mail with an attachment that purported to be a photo of the tractor and driver. When opened, the attachment provided the user's identity to the IT staff.

Despite a Fed policy against opening e-mail attachments, 'half of our employees who received it opened it,' Emerson said. 'That was a bad day for our IT staff.'

That incident resulted in temporarily blocking all incoming e-mail, she said.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected