AI threat to your bank account.

[Jerry1]

This article is about a warning from the treasury department about the ability for AI to find vulnerabilities in basically any system and exploit it. I’m not sure what we can do if all of our accounts are vulnerable but I’m wondering if it might be prudent to spread my retirement accounts around. I have a MYGA through one company and a lot in Fidelity and not so much in my credit union. I think it might be a good idea to put some of my Fidelity funds into a different brokerage company. It also makes me feel like holding some physical gold wouldn’t be a bad idea. Again, just to spread the risk of cyber attacks. Scary times we’re in with AI and machines/robots in general. Of course there’s a lot of potential for good, but seems like the bad can be pretty bad.

https://www.thestreet.com/personal-finance/treasury-warning-ai-cybersecurity-threat-to-your-bank-account

 

[Orange]

I would suggest some physical cash vs gold but nothing wrong with both. Schwab, Fidelity etc. seem to always try to get you to consolidate your banking and bill pay with them. For security we've always kept that separate with a regular bank. Also downloading and backing up your monthly financial account statements is a good practice.

 

[Dash man]

We split our equities between Schwab and Fidelity, plus we keep funds in a bank and a credit union. We also have gold and two vacation homes. We have open accounts with minimal funds in two other credit unions and two other banks. Maybe we should spread it around more.

 

[gauss]

IMHO, I think you need to understand how the law / regulations work regarding this if the technology fails us.

I believe that banking and credit card have strong consumer protections if any discrepancies are promptly reported to the institution by the account holder.

My larger concern has been the protection of brokerage/retirement accounts where protections at the Federal level are weaker.

I wonder if an Umbrella insurance policies handle this type of a loss.

-gauss

 

[audreyh1]

I wonder if an Umbrella insurance policies handle this type of a loss.

-gauss

nope, umbrella is strictly liability insurance.

 

[GrayHare]

The abstraction of money leads to this odd situation. We're talking about risk to digits within an account, digits that have no intrinsic value. Stealing digits can accomplish only what the banking system permits. I like to think the banking system has offline data backups and can restore digits that get scrambled. Maybe I have too much faith?

 

[gauss]

If someone steals the funds represented by those digits, which I think is what the Anthropic MythOS AI threat is about, then a past backup would not have much power to mitigate this.

It is the laws/regualtions in place that control how those digits relate to tangible purchasing power.

 

[GrayHare]

If someone steals the funds represented by those digits, which I think is what the Anthropic MythOS AI threat is about, then a past backup would not have much power to mitigate this.

It is the laws/regualtions in place that control how those digits relate to tangible purchasing power.

Very true. In an emergency, such as everyone's accounts being set to $0, I would think Congress would step up and amend those laws.

 

[Aerides]

Not gonna move my stuff. I figure if FIDO is getting broadly hacked the world has MUCH bigger problems and my balance won't help me with those.

 

[YellowSubmarine]

Never single source anything of importance.

 

[jazz4cash]

This is baffling to me. A warning with no recommendation for what individuals can do to protect themselves except “use strong passwords”?

“The new AI model has demonstrated the capability to identify and exploit cybersecurity vulnerabilities across all major operating systems and browsers”

Isn’t that good news if all these vulnerabilities are identified, they can be fixed before the next generation of hackery appears. Rinse and repeat as we have always done. The risk of having all your eggs on one basket is a very, very old warning.

 

[target2019]

The key paragraph comes from Powell:

“Cybersecurity remains one of the most critical risks facing the banking sector, and advancements in AI are likely to intensify these challenges,” Powell said, adding that the Mythos model “has raised concerns due to its capability to identify and exploit cybersecurity vulnerabilities across all major operating systems and browsers.”

Talk to your institutions about their security model. Have investments split across major companies.

If you seek more knowledge, I think a good place to start is NVD - Vulnerabilities to get a better sense about what vulnerabilities exist, and patches exist. Actual patching is a large endeavor.

Probably not a great idea for govt to reduce security workforces.

So AI models ingest the known data base and are then armed to create incursions across the Internet with bots and what have you. Even worse, AI can discover new vulnerabilities by analyzing old ones and proposing new, more deadly fractures.

Thoughts and prayers?

 

[Car-Guy]

Perfect, I just finished consolidating most of my accounts.

 

[Dtail]

Not gonna move my stuff. I figure if FIDO is getting broadly hacked the world has MUCH bigger problems and my balance won't help me with those.

Same thought plus BOA.

 

[ncbill]

Well, with the major brokerages you can use authenticator apps instead of your cell phone number as 2FA.

Not sure what else you could do to protect yourself...if one brokerage is compromised by AI they all will be.

 

[gregzx]

Yes, spread your money. Different brokerages, credit union, physical gold and cash in a safe. AI can find holes in any system, so don't keep everything in one place. Use strong passwords and two-factor authentication. Non digital assets can't be hacked. Not panic, just smart.

 

[Al18]

The US Government needs to shut Mythos down - it's a national security threat.

 

[target2019]

The US Government needs to shut Mythos down - it's a national security threat.

Once a weapon is developed, your enemies come up with countermeasures. So we need to work on Mythos II.

 

[MichaelB]

I suggest doing one little thing that could make a world of difference down the road, which is to print and file somewhere one statement from each account, showing account number, holdings and balances. Then update yearly (or more frequently).

 

[target2019]

I suggest doing one little thing that could make a world of difference down the road, which is to print and file somewhere one statement from each account, showing account number, holdings and balances. Then update yearly (or more frequently).

Done.

Updating these only takes a few minutes, but can save the beneficiary a lot of confusion.

 

[Family]

This is one reason I stay diversified, including rental property. It's difficult to steal a house. Illegal mortgage loans & illegal title transfers could take place, but the asset & associated value remain in place, so scam recovery seems likely to me.

 

[tulak]

This is baffling to me. A warning with no recommendation for what individuals can do to protect themselves except “use strong passwords”?

“The new AI model has demonstrated the capability to identify and exploit cybersecurity vulnerabilities across all major operating systems and browsers”

Isn’t that good news if all these vulnerabilities are identified, they can be fixed before the next generation of hackery appears. Rinse and repeat as we have always done. The risk of having all your eggs on one basket is a very, very old warning.

You missed the thread that discussed where these exploits are being used immediately, before companies have a time to patch them. Thanks to AI.

I’m always willing to take reasonable precautions. I have a quarterly reminder to save statements locally. I’ve preferred not to print them out, but I might rethink that part.

 

[GrayHare]

If a bank's customer web access portal is the only weak spot, and it don't think it is, the simple solution is to delete your online access to accounts. I suspect the bigger threat exists at the bank/brokerage system level, something to which ordinary customers like us do not have access.

 

[Sunset]

I suggest doing one little thing that could make a world of difference down the road, which is to print and file somewhere one statement from each account, showing account number, holdings and balances. Then update yearly (or more frequently).

Good idea, but I'd say do it monthly so it's nearly current, plus it forces a person to see their account each month.

 

[Aerides]

If a bank's customer web access portal is the only weak spot, and it don't think it is, the simple solution is to delete your online access to accounts. I suspect the bigger threat exists at the bank/brokerage system level, something to which ordinary customers like us do not have access.

Yeah I don't think passwords and 2fa are the answer when it's a database hack.