Russian Hackers Blamed For Major Cyber-Attacks Against Five US Banks Including JP Morgan
The FBI has opened an investigation into a series of cyber-attacks carried out earlier this month against up to five US banks with the perpetrators gaining access to the banks' internal system and stealing sensitive data.
The only bank identified so far is JP Morgan but according to a federal law enforcement official speaking to USA Today, at least four other US banks had been compromised in the attack.
The source also said that investigators believe that a group of Russian hackers were behind the cyber-attack and while it is not believed the banks suffered any financial loss, sources speaking to Bloomberg said the attackers had stolen sensitive data.
JP Morgan has not confirmed it was involved in this specific attack, but said that companies "of our size unfortunately experience cyber-attacks nearly every day. We have multiple layers of defence to counteract any threats and constantly monitor fraud levels."
The FBI said it is "working with the United States Secret Service to determine the scope of recently reported cyber attacks against several American financial institutions."
Who and why?
The question now is who was really behind the attacks, and what were their motivations.
Russia is well known as a hot bed for cyber-criminal activity with many high-profile groups based in the country - including the gang which operated the high profile Gameover Zeus malware that was disrupted recently.
However, it is unlikely that a criminal gang were behind these attacks on US banks.
The reason is that if it was a criminal gang, it would have been financially motivated and would have stolen some money during he attacks.
"None of the people commenting on the incident mentioned a direct financial loss, or a direct fraudulent financial activity by the attacker. Everyone is talking about grabbing sensitive information. I find it odd that someone who was actually able to break into a bank is not using it for making immediate profit," Amichai Shulman, CTO of security company Imperva told IBTimes UK.
This leaves just two possibilities according to Shulman. First, the public is not being told everything or second, these were politically motivated hackers.
Nation-state involvement
As well as the lack of financial loss, the sheer technical achievement of breaching the cyber-security of so many banks would also suggest the involvement of a nation-state.
"The ability to overcome the typical financial defence-in-depth strategy outlined by JP Morgan points to capabilities that go beyond criminal activity and are in the realm of nation state capabilities. JP Morgan and similar entities employ sufficient technology to protect themselves from criminals, but typically fail to invest enough in technology and process to shield themselves from nation state's ability to access their systems at will," Philip Lieberman, CEO of Lieberman Software told IBTimes UK.
This is not the first time a nation-state has attacked US financial institutions with the Iranian government alleged to have financed a group of hackers in 2012 and late 2013 when they carried out denial-of-service attacks against banks across the US.
While the method and result of the attack would seem to suggest that the recent sanctions imposed on Russia following the Ukraine crisis were the motivation behind the attacks, Shulman warns that this may be an over-simplistic explanation:
"Everyone is trying hard to tie this with the whole political situation with Russia. However, it is well known that for a few years now, a large portion of banking attacks and financially related hacking has consistently been coming from Eastern Europe."
© Copyright IBTimes 2024. All rights reserved.