Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Investigates 'Sophisticated' Cyber Attack On JP Morgan, 4 More US Banks

Posted by timothy on from the could-have-been-motivated-by-love dept.

Bruce66423 writes with news of an electronic attack believed to affect at least five U.S. banking institutions this month, including JP Morgan, now being investigated by the FBI. According to the Independent, The attack on JP Morgan reportedly resulted in the loss of “gigabytes of sensitive data” that could have involved customer and employee information. It is said to have been of a level of sophistication beyond ordinary criminals, leading to speculation of a state link. The FBI is thought to be investigating whether there is a connection to Russia. American-Russian relations continue to be fraught amid the crisis in Ukraine, with sanctions ramped up. Bruce66423 asks "The quality of the attack, which appears to have led to 'gigabytes' of data being lost, is raising the prospect of a state being the source. The present culprit suggested is Russia... why the assumption it's not China — just because China isn't invading the Ukraine at the moment?" News of the attack is also at the New York Times, which notes Earlier this year, iSight Partners, a security firm in Dallas that provides intelligence on online threats, warned companies that they should be prepared for cyberattacks from Russia in retaliation for Western economic sanctions. But Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that works with banks, said that it would be “premature” to suggest the attacks were motivated by sanctions.

5 of 98 comments (clear)

  1. Fear mongering fearfully old by Anonymous Coward · · Score: 3, Insightful

    Yawn

    same old...same old...

    Private "cybersecurity" firm reports data breach. Lots of data transferred. Must be "state" actor APT! But who? China? Russia? Who is US government/media currently demagoguing against? Maximum fear factor achieved!

  2. Re:Honest question from a non-USian by jratcliffe · · Score: 3, Informative

    If it crosses state lines, and/or international borders, then the FBI gets involved. Also, if the crime is highly technical, and requires specific expertise, the FBI often gets involved as well (since the police dept in city/state X might not have the same level of capability).

  3. Re:Honest question from a non-USian by bill_mcgonigle · · Score: 3, Interesting

    Why does the FBI get involved? is it because the events span multiple states, or because the banks have so much clout? If this had happened to google or microsoft, for example, would the FBI get involved?

    The FBI will exercise its power whenever it can, but almost always only if oligarchs are involved. Sure, they can't avoid the bad PR of ignoring a kidnapping, but if Grandma's money gets stolen because her paypal account is hacked, then don't expect her to get any help - only the institutions that are politically connected yet could afford their own investigation get that kind of help (while Grandma is essentially helpless). They'll excuse it by saying "oh, we can only help if the dollar amount exceeds $X because we have limited resources" but what that really means is they only help rich enough people, who (shocker) also tend to be the ones capable of making campaign donations. The help is means-tested, but not in the way one might expect.

    In various roles I've heard from local chiefs of police who are trying to help out various citizens, just because there is no other option for them. It's not uniform at all, but investigating online crimes is not what those guys have training for.

    If somebody here has had FBI help for small-dollar crimes where that was their only option, then I'd love to hear counterexamples.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  4. im growing to hate the word cyber. by nimbius · · Score: 5, Insightful

    Cyber washes over so much of the actual problem with these companies. it implies some val kilmer secret agent jack bauer bullshit that does not exist in practical terms as the situation applies to entities like Chase. Its a convenient means of misdirecting attention at best.
    Lets take a step back and call this what it actually was. Chase involuntarily discharged sensitive information about employees and customers. We can name chase because its too big to fail, but four other banks were part of this incident and we cant name them because to do so would cause egregious harm to their market reputation and force them to spend a pittance on re-issuing credit/debit cards. Chase will work to scapegoat this problem ad infinitum to the nearest foreign superpower that has been demonized/sanctified by politicians for this purpose and business will continue as usual. Chase will not accept liability for its shit-tier software, security practices, or disinterest in its customers and clients because it would harm the largest bank in the world and perhaps shave a sliver of profit off this quarter.

    --
    Good people go to bed earlier.
  5. Re:When they don't blame the Chinese ... by swv3752 · · Score: 3, Insightful

    Like the virus that attacked Iran's nuclear centrifuge?

    --
    Just a Tuna in the Sea of Life