JP Morgan Chase was the latest global financier to be hit by hackers in a recent series of high-tech bank robberies. It was last Thursday when the tale of espionage became a real-life drama as Russian hackers reportedly penetrated America’s largest bank stealing customer’s checking and saving account data.
According to USA TODAY, security experts described the hit “as a sophisticated cyber-attack”. The caper, which seems to have been a synchronized effort, is just another red flag that hackers are increasingly becoming bolder and discovering more innovative ways to crack America’s most secure computer systems.
“Successful attacks against banks, however, are unusual because the financial sector has perhaps the strongest security of any industry,” Jacob Olcott, a cyber security expert at Good Harbor Security Risk Management, told the Huffington Post. “The fact that even these companies can experience a successful attack should definitely raise eyebrows because they spend the most money and have the most sophisticated defenses.”
Both leading experts from the U.S. Federal Bureau of Investigation (FBI) and the Secret Service are investigating the attack. However, according to USA TODAY, neither the rationale nor the perpetrators behind the high-tech crime have been identified. According to Bloomberg News, the FBI is looking into a possible revenge plot involving “Western sanctions levied on Russia because of the situation in the Ukraine”. However, other experts familiar with the issue say this particular assumption is unlikely because it would involve a “destruction or disruption of networks — not theft of data”.
“We have seen Russian intelligence services target financial institutions for the purpose of espionage,” Dmitri Alperovitch, co-founder of CrowdStrike, a cyber security firm, told the Washington Post; but did not refer specifically to the JPMorgan case. “Of particular interest to them is data from the oil and gas trading desks; oil and gas are major sources of revenue for Russia.”
According to CNBC, iSight Partners, a Dallas-based security firm, cautioned big businesses about the possible Russian revenge plot earlier this year. The security firm also advised that preparations such as increased security were critical in order to counteract imminent cyber-attacks to American institutions. But iSight Partners’ warning was thought to be a bit hasty by other security firms, including CrowdStrike’s Adam Meyers who believes “the attacks were motivated by sanctions”.
“Hackers could have been after account information, or even intelligence about a potential merger or acquisition,” Meyers told the Huffington Post.
It was in 2007 when Russian hackers began a 30-day online attack on Estonia that almost destroyed the Baltic nation, “after Estonian government workers moved a Soviet-era war memorial from the Estonian capital,” says CNBC.
However, those involved in the investigation say that the covert way the hackers infiltrated the bank indicates that independent political motivation is highly unlikely. And because the hackers chose to go after savings and checking accounts, says security experts, is more likely an effort conducted by the state. What is known, at this point, by investigators and bank industry officials is that this is not the first nor will it be the last attack.
“Companies of our size unfortunately experience cyber-attacks nearly every day,” Patricia Wexler, a JPMorgan spokeswoman, told the Huffington Post. “We have multiple layers of defense to counteract any threats and constantly monitor fraud levels.”
The Ongoing Threat
Over the last year, several American retailers and grocery stores have been hit by hackers. However, security experts agree that those companies have been easy targets. One of the most notable was Target when in December 2013; the retailer had undergone one of the most notorious data breaches in U.S. history. The attack involved hackers who stole over 70 million customers’ personal credit and debit card information. Although Target’s rapid-response did a lot to ease fears, no culprit was ever identified.
Earlier this year, it was reported that Chinese hackers set their sights on American hospitals stealing over 4 million patients’ personal information such as Social Security numbers. But again, according to Forbes, the job was relatively easy for the sophisticated hackers who were able to successfully infiltrate the organization’s security system. The American banking industry, however, remains the most common target for these types of high-tech crimes, with most aiming to steal financial data as seen with JP Morgan Chase, primarily as an intelligence-gathering effort.
When hackers do successfully break into big banks’ intricate firewalls and security systems, the notion is, by most security experts, that it’s even more sinister and has the potential to cause more damage. And as hackers continue to become more sophisticated, America will continue to witness and write yet another saga of espionage in its history books.