Hackers have launched an attack on JP Morgan Chase & Co. and at least four other banks in the U.S. this August, according to people familiar with the matter.
Investigations are ongoing but at least one of the attacks has been linked to hackers sponsored by Russia. Because of the rising tension between the two countries as the U.S. imposed economic sanctions on Russia, the FBI is considering the possibility that the hacking attacks are retaliatory in nature.
Hackers stole information that could be used to drain accounts as well as other sensitive data from employee computers. But while financial institutions appear to be likely targets, big banks rarely deal with stolen data because they have more comprehensive security systems in place. Most of the time, retailers and consumers are primary targets.
The attacks exploited a software flaw called zero-day to gain access to at least one of the websites used by targeted banks. Once inside the system, the hackers then dug through layers of security to get to the data they need. Security specialists have noted that the attacks were far too elaborate to be pulled off by standard-fare criminal hackers. Therefore, there's a bigger motive to uncover than the simple theft of financial information.
Still, there's only just enough to speculate that Russia is involved. The hackers left a trail but it is murky enough to throw suspicion on other cyber criminals in Eastern Europe. Other federal agencies have pitched in to expedite the investigation.
As the only bank publicly identified, JP Morgan is under the spotlight. "Companies of our size unfortunately experience cyber attacks nearly every day. We have multiple, layers of defense to counteract any threats and constantly monitor fraud levels," said JPMorgan spokeswoman Patricia Wexler in an email statement.
The bank spends around $200 million a year for cybersecurity and employs more than 600 individuals dedicated to protecting JPMorgan from hacking attacks. CEO Jamie Dimon said these figures are likely to grow.
The bank has not detected unusual or fraudulent activity so far since the hacking was reported. It is still unclear either if the attacks have resulted in financial losses for bank clients.
But even when a direct link to Russian hackers is established after the investigation, the U.S. will probably react in a muted manner. Maybe online defenses for the country's financial sector will be bolstered but a direct response is unlikely, given the possible ramifications.
In the past, Russian hackers have also crashed government websites and communication systems in Georgia and Estonia.