Suspected government-backed hackers penetrated systems at JPMorgan Chase and at least one other bank during incidents the FBI is investigating as a Russian response to U.S.-sponsored sanctions, Bloomberg reports.
The episodes occurred in mid-August.
In one case, attackers abused a previously undetected software flaw, known as a "zero day" vulnerability, in a bank website.
“They then plowed through layers of elaborate security to steal the data, a feat security experts said appeared far beyond the capability of ordinary criminal hackers,” according to Bloomberg. “The incidents occurred at a low point in relations between Russia and the West.”
Russian troops continue crowding the Ukrainian border and the West continues imposing sanctions against Russian companies, including key banks.
Technical indicators extracted from the U.S. banks’ computers provide some evidence of a government link.
“Still, the trail is muddy enough that investigators are considering the possibility that it’s cyber criminals from Russia or elsewhere in Eastern Europe,” Bloomberg reports.
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.