JPMorgan and other US banks get hacked. Why is Russia getting the blame?

Graham Cluley

JPMorgan ChaseThe big security news is that a number of US Banks, including JPMorgan Chase, have been hit by hackers who launched a “coordinated attack” on their computers systems this month.

According to Bloomberg, who first reported on the breach, US authorities believe that the hackers stole information about customers and employees, opening the possibility for “significant financial fraud.”

But what raised my eyebrow was a claim that the FBI is exploring the possibility that Russian hackers, backed by the Kremlin, might have launched the attack in retaliation against US sanctions over the military conflict in Ukraine.

There are certainly plenty of commentators happy to be rolled out in front of the media to say businesses need to brace themselves from Russian cyberattacks in retaliation for Western economic sanctions. But it’s not as if the Russians isn’t the only country not keen on the United States right now, right?

And who is to say that the hacks were state-sponsored anyway?

Yes, it’s perfectly possible that a hack might be perpetrated by an intelligence agency, or have the backing of a foreign country.

But it’s extremely difficult to attribute an internet attack to a particular country, let alone tell the difference between an attack conducted by a pizza-loving hacker who happens to be on an overseas intelligence agency’s payroll, and a hoody-wearing hacker who is in the pocket of an organised criminal gang.

So, leaping to any conclusions that an attack is sponsored by a particular country, or indeed what the motivation might have been seems premature – and there’s a danger that experts are getting carried away with the thought of the mainstream media lapping the news up.

According to the New York Times, a source close to the bank says that no increase in the level of fraud has been seen recently.

Fascinatingly, according to a Reuters report, some cold waters are being thrown on the flames not just on the possible origin of the attack but whether there has been any significant attack at all.

FS-ISAC, a banking industry group that shares information about attacks on financial services, says that there are “no credible threats posed to the financial services sector at this time” and is “unaware of any significant cyber-attacks causing unauthorized access to sensitive information at any member institutions.”

What do you think? Leave a comment below.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “JPMorgan and other US banks get hacked. Why is Russia getting the blame?”

  1. Re:"So, leaping to any conclusions that an attack is sponsored by a particular country, or indeed what the motivation might have been seems premature – and there’s a danger that experts are getting carried away with the thought of the mainstream media lapping the news up."

    Basically they're trying to sound/appear important, that they have things under control (seems however that someone ELSE has control… and who knows if they left any backdoors, anything else, without serious clean up (and even then if they wipe it there is no guarantee that there was or wasn't any thing removed and at the same time depending on how long the attack happened – as a general rule – ago, is it on backup? Would depend on what is left there and what they back up, of course)). In reality they don't and it is much like a cover-up. We're doing fine is only to silence others (or try to) so as not impact their credibility and equally their reputation. Unfortunately they are going about it the wrong way – giving vague answers in such a case is worse than no answers (or here's an idea: "we don't know everything just yet …"). They're actually showing their true colours to those who can think for themselves (maybe they're on to something after all … is something that I can see them thinking of but in the end it isn't honest, it isn't upfront and it is therefore the wrong way to deal with it).

    Re: "FS-ISAC, a banking industry group that shares information about attacks on financial services, says that there are “no credible threats posed to the financial services sector at this time” and is “unaware of any significant cyber-attacks causing unauthorized access to sensitive information at any member institutions.”"

    I don't buy it one bit and as a banking industry, well…. But even if they have some information there is never a guarantee they have all (if one thing happens who is to suggest nothing else happened too ?).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES