Forgot your password?
typodupeerror
Security The Almighty Buck Crime IT

FBI Investigates 'Sophisticated' Cyber Attack On JP Morgan, 4 More US Banks 98

Posted by timothy
from the could-have-been-motivated-by-love dept.
Bruce66423 writes with news of an electronic attack believed to affect at least five U.S. banking institutions this month, including JP Morgan, now being investigated by the FBI. According to the Independent, The attack on JP Morgan reportedly resulted in the loss of “gigabytes of sensitive data” that could have involved customer and employee information. It is said to have been of a level of sophistication beyond ordinary criminals, leading to speculation of a state link. The FBI is thought to be investigating whether there is a connection to Russia. American-Russian relations continue to be fraught amid the crisis in Ukraine, with sanctions ramped up. Bruce66423 asks "The quality of the attack, which appears to have led to 'gigabytes' of data being lost, is raising the prospect of a state being the source. The present culprit suggested is Russia... why the assumption it's not China — just because China isn't invading the Ukraine at the moment?" News of the attack is also at the New York Times, which notes Earlier this year, iSight Partners, a security firm in Dallas that provides intelligence on online threats, warned companies that they should be prepared for cyberattacks from Russia in retaliation for Western economic sanctions. But Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that works with banks, said that it would be “premature” to suggest the attacks were motivated by sanctions.
This discussion has been archived. No new comments can be posted.

FBI Investigates 'Sophisticated' Cyber Attack On JP Morgan, 4 More US Banks

Comments Filter:
  • by RevWaldo (1186281) on Thursday August 28, 2014 @08:54AM (#47773287)
    No mention of them in the articles linked.

    .
  • by Anonymous Coward on Thursday August 28, 2014 @08:56AM (#47773297)

    Yawn

    same old...same old...

    Private "cybersecurity" firm reports data breach. Lots of data transferred. Must be "state" actor APT! But who? China? Russia? Who is US government/media currently demagoguing against? Maximum fear factor achieved!

    • Must be "state" actor APT! But who? China? Russia? Who is US government/media currently demagoguing against? Maximum fear factor achieved!

      They forgot North Korea this time - must be an off-cycle.

      You didn't need to go AC on this - we're all thinking the same thing. Are they just getting so much worse at the propaganda or are we finally wisening up?

      • Re: (Score:2, Interesting)

        by slimshady76 (3752059)
        They forgot the NSA too... Who would benefit the most from the sensitive data stolen? Even more, who would benefit the most from the fear campaign?
      • The fear and war mongering is coming from all fronts currently. For a decade it was mostly middle east. Now they are ratcheting up the propaganda against Russia. Partially due to people realizing that the US is training and arming the "terrorists" in the middle east causing many of the problems, and partially due to needing a bigger threat. So yes, people are getting wise to the games. John Kerry and his constant screaming for a white cat has become blatantly obvious.

        Until recently China and Japanese s

        • by Anonymous Coward

          Sorry, but I have to call you out on that last. I work for a third party that holds much data for Chase. They aren't slacking on security. They audit and poke us all the time, to make sure stuff like this is encrypted at rest. My first thought is an inside job, before all the conspiracy theories. That's the easiest way in. Just bribe some sysadmin, or find one to blackmail.

        • by ScentCone (795499)

          How many times will we hear a claim of "Russia invaded the Ukraine" and have that proven false before people ignore it completely?

          So, just out of curiosity, what do you get out of spinning your particular flavor of nonsense? Who benefits from you trying to convince people that - despite what they can see with their own eyes - Russia didn't just annex Crimea? That columns of Russian armor with their insignia painted over didn't just roll across the border into southeast Ukraine? Your contention has to be that those events didn't actually happen, despite untold thousands of witnesses pointing out the exact opposite. So, what's your poi

          • by s.petry (762400)

            Russia didn't just annex Crimea?

            Crimea voted with a 90% margin to annex from Ukraine, this was not "Russia" doing anything. This vote happened after a bloody and violent coup in Ukraine. The voting process has not been demonstrated to be incorrect by anyone, the fact that they annexed at all is what is questioned.

            If you want to play the game and cry foul, you need make sure you account for US involvement in Libya, Egypt, and every other country where we have cried foul after a vote goes against US interests. This is not something recen

        • by dkman (863999)
          Every time I see one of these things I want to go look up the quote from 1984 where is says something along the lines of "we were always at war with Eurasia or Oceana". Over the years it has really become ridiculous. Even in the 80's when we sort of had peace we were fear mongering about Russia. Over the past 15 years we've been at war in Afghanistan and Iraq. We're not currently in Iraq, but just getting into that should have been foreseen as a bad idea. I don't think any country has had luck in a two
    • by oodaloop (1229816)
      Are you really so naive to think this isn't going on?
  • Why does the FBI get involved? is it because the events span multiple states, or because the banks have so much clout? If this had happened to google or microsoft, for example, would the FBI get involved?

    • The FBI is an agency of the Department of Treasury. This sort of thing is (supposed to be) their main job.

    • by jratcliffe (208809) on Thursday August 28, 2014 @09:11AM (#47773387)

      If it crosses state lines, and/or international borders, then the FBI gets involved. Also, if the crime is highly technical, and requires specific expertise, the FBI often gets involved as well (since the police dept in city/state X might not have the same level of capability).

      • by Agripa (139780)

        The FBI also uses the excuse that the crime *might* have crossed a state line or border. I expect at some time in the future they will add, "The crime may have affected interstate commerce or involved items or materials that may have crossed a state line."

    • by bill_mcgonigle (4333) * on Thursday August 28, 2014 @09:13AM (#47773403) Homepage Journal

      Why does the FBI get involved? is it because the events span multiple states, or because the banks have so much clout? If this had happened to google or microsoft, for example, would the FBI get involved?

      The FBI will exercise its power whenever it can, but almost always only if oligarchs are involved. Sure, they can't avoid the bad PR of ignoring a kidnapping, but if Grandma's money gets stolen because her paypal account is hacked, then don't expect her to get any help - only the institutions that are politically connected yet could afford their own investigation get that kind of help (while Grandma is essentially helpless). They'll excuse it by saying "oh, we can only help if the dollar amount exceeds $X because we have limited resources" but what that really means is they only help rich enough people, who (shocker) also tend to be the ones capable of making campaign donations. The help is means-tested, but not in the way one might expect.

      In various roles I've heard from local chiefs of police who are trying to help out various citizens, just because there is no other option for them. It's not uniform at all, but investigating online crimes is not what those guys have training for.

      If somebody here has had FBI help for small-dollar crimes where that was their only option, then I'd love to hear counterexamples.

      • That's right the police are too busy training for paramilitarized riot control and shooting unarmed poor people to care about online stuff.

      • by ScentCone (795499)

        but if Grandma's money gets stolen because her paypal account is hacked, then don't expect her to get any help

        But if Grandma has her checking or retirement account with Morgan/Chase, she's being helped right now, by the agency you say won't help her.

      • by dkman (863999)
        Yea pretty much this.
        The FBI gets involved because they have more clout overseas to get the perpetrator arrested. The organization hacked by itself doesn't have much. And the FBI has more potential access to NSA data to find the perp in the first place. The FBI regularly gets involved in wire fraud and bank related cases that cross borders. They have a cyber investigation division for this sort of thing.

        Like Bill said though, grandma's $20,000 life savings whisked off to Nigeria isn't likely to raise
      • Back in the mid-90's, when I just getting started, the web development company I was working for in Chicago got hacked via some remote exploit in IRIX. It was a small business with only six people, but the local FBI branch did send an agent over to collect information when we notified them of the breach.
      • If somebody here has had FBI help for small-dollar crimes where that was their only option, then I'd love to hear counterexamples.

        Quite a few years ago, I found out that the FBI will not move if the dollar value is below $5,000. I am sure that point has gone up, not down.

    • by jeffmeden (135043)

      Why does the FBI get involved? is it because the events span multiple states, or because the banks have so much clout? If this had happened to google or microsoft, for example, would the FBI get involved?

      Simply put, the FBI is the investigator of last resort. Local law enforcement (even in large cities like NYC where JPMC is based) are woefully ill-equipped to investigate this sort of thing.

    • by Anonymous Coward

      There is no group of people on the planet known as USians. Please stop using this term.

  • I can only assume the NSA has become self-funding, and is doing so by hacking banks.

  • by nimbius (983462) on Thursday August 28, 2014 @09:21AM (#47773469) Homepage
    Cyber washes over so much of the actual problem with these companies. it implies some val kilmer secret agent jack bauer bullshit that does not exist in practical terms as the situation applies to entities like Chase. Its a convenient means of misdirecting attention at best.
    Lets take a step back and call this what it actually was. Chase involuntarily discharged sensitive information about employees and customers. We can name chase because its too big to fail, but four other banks were part of this incident and we cant name them because to do so would cause egregious harm to their market reputation and force them to spend a pittance on re-issuing credit/debit cards. Chase will work to scapegoat this problem ad infinitum to the nearest foreign superpower that has been demonized/sanctified by politicians for this purpose and business will continue as usual. Chase will not accept liability for its shit-tier software, security practices, or disinterest in its customers and clients because it would harm the largest bank in the world and perhaps shave a sliver of profit off this quarter.
    • This is the ACTUAL summary of the article. At the very least, this is the summary that *should* be posted to the Slashdot, that translates the shit-speak the media writes into technical jargon that Slashdot readers should expect from "news for nerds".

      Otherwise Slashdot is a mere shill for other crap media with their crap reporting with zero journalistic integrity. Facts be damned, protect the status quo.

    • by StikyPad (445176)

      Welcome to the late 90s.

    • by Rich0 (548339)

      There is actually a deeper issue than corporate security competence.

      Imagine that a bunch of soldiers stormed the front door to their datacenter with APCs, tanks, and artillery support. They then removed hard drives and proceeded across the border to some other country. Would you consider this a bank security problem?

      Banks don't have this problem because the government provides physical security against these kinds of threats. Sure, the bank is expected to lock the doors and have some guards, but they are

  • THE Ukraine! It's Ukraine, and that's what it is. It's not a region, but a COUNTRY. I don't see anybody here writing "the France" or "the Italy"... Hypercorrectism it's still an error.
  • I'll bet all my credit balance that they probably learned to use a malware generator right to just PDFed the clicktomaniac back-office, and that even if the paydata was air-gapped they're leaking USB drives all over the place.

    A firewall which is more than just an occasional inconvenience has to stop any data which it can't compare to its list of secrets which may not be leaked. - That is at least what one of the firewall's tasks used to be, but none which did this were sold, apparently because they were ju

  • I heard the NSA is capable of such mischief. Just sayin'.
  • crime syndicates are just as resourceful, if not more so, than state actors. To assume that it is a state actor because you did not think of the attack vector first is pretty dumb. in fact, trying to assert any attribution to cybercrime/intelligence is dumb.

  • As far as I'm concerned, why just JP? If the bad guys have balls, how about Wells Fargo? Better yet, if the bad guys are not just closet girly girls; Why not go after the data base that holds the home loans of the U.S. and all of its backups. Yep, I smell fish, 3 days in the sun.
  • I didn't see any evidence of Russia being involved, other than gross speculation. Meanwhile, the NYT article states the researchers believe the malware was produced by the same people who made Stuxnet and Flame. That points to the US and Israel, not Russia.
  • Do you mean someone opened a ms Word document from an email attachment in ms Outlook under Microsoft Windows ?
  • What if such cyber attacks are a form of misdirection or rather click-bait? Here's the scenario: launch a cyber attack on a bank but you're really not interested in any data you might get or rather the attack makes the target think that you're after data. The target then tells its customers to change their passwords. It's only then that the attacker gets what their after i.e. account holders' NEW passwords.

  • At least that's the impression I get by reading the news. I can't remember the last time I heard an attack described as "simple" or "straightforward." It's never "the hackers just tried a bunch of words until one of them worked," or "turns out that if you type '); then a computer will often happily do whatever you tell it," or "if you give it a very long list of letters, sometimes the computer will start doing whatever you tell it." No, it's "the hackers used a sophisticated technique to plow through lay

  • When speaking about the very banks that helped cause the global financial meltdown of 2008, I seriously doubt any attack could ever pose a larger threat than the insider threat that runs Too Big To Fail.

  • Inside Perspective (Score:1, Informative)

    by Anonymous Coward

    We work with JPMorgan. We host hundreds of terabytes of sensitive data for them.

    They take information security more seriously than any other organization that we work with, and we work with a number of Fortune 50 corporations, tech companies, and the United States government.

    If they are getting hacked, it is not due to a lack of effort or competence on the part of their risk management and security teams. All of the common complaints that get voiced here about companies not taking security seriously, abou

    • by Anonymous Coward

      We work with JPMorgan. We host hundreds of terabytes of sensitive data for them.

      They take information security more seriously than any other organization that we work with, and we work with a number of Fortune 50 corporations, tech companies, and the United States government.

      If they are getting hacked, it is not due to a lack of effort or competence on the part of their risk management and security teams. All of the common complaints that get voiced here about companies not taking security seriously, about companies not spending money on security, about PHBs not getting security, are not applicable to JPMorgan. Those people get it. I do not say that lightly. There are plenty of equally large financial institutions and organizations with similar amounts of resources who do not spend even a quarter of the effort on securing their data that JPMorgan does.

      As a client, they are a serious pain the ass to work with. But at the end of the day, their security controls and risk management processes are heavily weighted towards security at all costs, ease of use / access be damned.

      I have a similar relationship with JPMC. However, just because they force their vendors to eat the dog food doesn't mean that they are as well...

"No problem is so formidable that you can't walk away from it." -- C. Schulz

Working...