The Federal Bureau of Investigation (FBI) is investigating cyberattacks on five major U.S. banks allegedly carried out with support from Russia’s government.
The New York Times reported Wednesday that “gigabytes of data, including checking and savings account information” had been stolen from JPMorgan Chase and four other banks that it did not name. Bloomberg then added that two sources said that the hackers were Russian. Thursday, Ars Technica cited a source familiar with the JPMorgan investigation, who said that the attack began with malware on a bank employee’s machine.
JP Morgan confirmed Thursday morning that it was looking into the breach. In addition to the FBI, the National Security Agency (NSA) and the Secret Service are also on the case, looking for connections between the hack and the Russian government, according to separate reports by Bloomberg and Reuters, respectively.
Security experts have been reticent to point the finger directly at the Russian government, pointing to the fact that Kremlin-directed cyberattacks usually target companies with more explicit national security connections.
“The way the Russians do it, to the extent we can see into the process, is they encourage certain targets,” James Lewis of the Center for Strategic and International Studies told Bloomberg.
However, security consultant Phil Lieberman told USA Today that the hackers’ success in the JPMorgan incident highlighted their sophistication and hinted at government backing.
“The ability to overcome the typical financial defense-in-depth strategy outlined by JPMorgan points to capabilities that go beyond criminal activity and are in the realm of nation state capabilities,” Lieberman said.
As of Thursday afternoon, JPMorgan had not released further information about the breach, except to say that no “unusual fraud” had been detected. In that same Wall Street Journal article, spokespeople for Bank of America, PNC, U.S. Bancorp, and SunTrust denied that they had been affected.
Photo via Jmabel/Wikimedia Commons (CC BY-SA 3.0)