recommended reading

Threatwatch

Russian Government Might Be Behind JPMorgan Hack

Cyber espionage; Network intrusion; Software vulnerability

Suspected government-backed hackers penetrated systems at JPMorganChase and at least one other bank during incidents that the FBI is investigating as Russia’s response to U.S.-sponsored sanctions.

In one case, the attackers abused a "zero-day" vulnerability, a software flaw, in a bank website.

“They then plowed through layers of elaborate security to steal the data, a feat security experts said appeared far beyond the capability of ordinary criminal hackers,” Bloomberg reports. “The incidents occurred at a low point in relations between Russia and the West.”

Russian troops continue crowding the Ukrainian border and the West continues imposing sanctions against Russian companies, including key banks.

Gigabytes of sensitive data have been lost as a result of the cyber offensive.

In at least one of the situations, the hackers grabbed data from the files of bank employees, including executives. Some data related to customers may also have been accessed.

Authorities are investigating whether recent infiltrations of major European banks using a similar vulnerability are also tied to the incident.

Technical indicators extracted from the banks’ computers provide some evidence of a government link.

“Still, the trail is muddy enough that investigators are considering the possibility that it’s cyber criminals from Russia or elsewhere in Eastern Europe,” Bloomberg reports.

In April, JPMorgan was rebuked when it blocked a payment from a Russian embassy to the affiliate of a U.S.-sanctioned bank. Russia’s foreign ministry called the move “illegal and absurd.” 

sector

Financial Services

reported

August 27, 2014

reported by

Bloomberg

number affected

Unknown

location of breach

New York, United States

perpetrators

Russian Hackers

location of perpetrators

Eastern Europe

date breach occurred

mid-August 2014

date breach detected

Unknown

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.