Coverage: JPMorgan and other banks hacked
After news broke that JPMorgan Chase and several other banks were hit in a cyber attack, many were left wondering what that meant for data security. Here’s a look at the coverage.
Bloomberg reported in a story by Jordan Robertson and Michael Riley that the attack was coordinated and may have been done by Russians in retaliation for sanctions:
Computer hackers targeted JPMorgan Chase & Co. (JPM) and at least four other banks in a coordinated attack on major financial institutions this month, according to a U.S. official.
The attack led to the theft of customer data that could be used to drain accounts, according to another person briefed by U.S. law enforcement. The two people, who asked not to be identified because the investigation is continuing, discussed the incident after Bloomberg News reported a breach on banks earlier today.
Hackers targeted customer and employee information, said a third person involved in the investigation, who was also briefed by the government. The theft involved gigabytes of data, said several people familiar with the attacks. The scale indicates a potential for significant financial fraud.
Most thefts of financial information involve retailers or personal computers of consumers. Stealing data from big banks is rare, because they have elaborate firewalls and security systems.
The Bloomberg report said the FBI is investigating whether Russian hackers attacked JPMorgan and at least one other bank in retaliation for sanctions on the country over its involvement in the Ukraine military conflict. New York-based JPMorgan declined to comment on whether it was a victim of hacking, while saying the bank has multiple layers of defense to fend off data thefts.
The Wall Street Journal story by Emily Glazer and Robin Sidel said the investigation began earlier this month:
Cybersecurity experts began investigating the possible J.P. Morgan breach earlier this month, according to people familiar with the investigation.
Those people said that evidence had suggested hackers were able to make a significant foray into J.P. Morgan’s computer system. People with knowledge of the probe said it appeared that between two and five U.S. financial institutions may have been affected. The names of all targeted banks couldn’t be immediately determined.
The attack appears to have been caused by malicious computer code, known as malware, according to a person familiar with the matter.
The style of the attacks and the targets—large U.S. financial institutions—have led some people briefed on the investigation to suspect a possible Russian or Eastern European link. Russian organized crime often targets large financial institutions. But several people with knowledge of the investigation cautioned that it was too early to tell who was behind the attacks.
Thefts of U.S. corporate data have in the past often come from hackers based in China, Russia or the former Soviet Union, although that doesn’t mean the cyberattacks involve those governments. Hackers can act on their own and sell stolen data to other organizations.
Writing for The New York Times, Nicole Perlroth countered that the reasons for the attack still remained unclear:
But Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that works with banks, said that it would be “premature” to suggest the attacks were motivated by sanctions.
Russian hackers began a monthlong online assault on Estonia in 2007 that nearly crippled the Baltic nation, after Estonian government workers moved a Soviet-era war memorial from the Estonian capital.
Still, security experts say that the stealthy nature of the recent attacks suggests that their motivation was not political.
The American banking sector has been a frequent target for hackers in recent years, with the vast majority of attacks motivated by financial theft.
Gerry Smith wrote for the Huffington Post that consumers should be concerned about the leak coming from banks:
While numerous retailers and grocery stores have been attacked by hackers over the past year, experts say the computer security at those places was relatively porous. Successful attacks against banks, however, are unusual because the financial sector has perhaps the strongest security of any industry, said Jacob Olcott, a cybersecurity expert at Good Harbor Security Risk Management.
“The fact that even these companies can experience a successful attack should definitely raise eyebrows because they spend the most money and have the most sophisticated defenses,” Olcott said.
JPMorgan said Thursday that it is working with law enforcement to investigate a possible cyberattack against its network. The bank said it is trying to determine how much data was stolen and has not seen any “unusual fraud activity.”
A JPMorgan spokeswoman said the bank will reach out to any affected customers and encouraged them to contact the bank if they detect suspicious activity on their accounts. Customers won’t be held liable for fraud related to the attack.
While consumers should take some comfort in the fact that they won’t be liable for any fraud, it does seem like regulators, bank officials and others have some problems to solve. JPMorgan is in the spotlight since it’s the biggest bank in the country; it is important to remember that the problems may be more widespread.