231-922-9460 | Google +

Sunday, September 7, 2014

NEW CYBERATTACK ON BANKS 'VERY SOPHISTICATED'

Original Story: USAToday.com

The cyberattacks on JPMorgan Chase and at least four other institutions were "very sophisticated" and were likely state-sponsored, the chairman of the House Intelligence Committee said Thursday.

The nation's largest bank said earlier in the day that it was working with the FBI and other authorities to determine the scope of a hacking attack that hit financial institutions. It said it is not seeing unusual fraud activity. An Atlanta IP Lawyer is reviewing this case.

The other firms involved have not been identified.

Rep. Mike Rogers, R-Mich., the Intelligence Committee chairman who has been briefed on the attacks, described the intrusions on "multiple" financial institutions as "very sophisticated.''

The level of sophistication "takes a very special skill set," he said, and indicates that "clearly, either they were aided by or conducted by a state sponsor."

However, a federal law enforcement official, not authorized to comment publicly, told USA TODAY that at least four banks were hacked recently in a series of coordinated attacks that law enforcement officials believe were carried out by Russian hackers. It's unknown whether the Russian government played a role. An Atlanta data privacy lawyer is skilled in data privacy compliance issues.

"This is a very real and dangerous threat and it's only going to get worse,'' Rogers said. "We've been admiring the advanced sophistication of these actions long enough. Now, it's time to do something about it."

The Financial Times reported on its website Thursday that it interviewed people familiar with the matter who say the attacks were focused on commercial banks. Wall Street investment banks including Goldman Sachs, which have been the targets of previous attempts to steal data or disrupt services, were unaffected, the FT's story said.

However, some sensitive data was lost in the attack, Bloomberg.com said, citing unnamed security experts.

Sophisticated cyberattacks against financial institutions have become "an everyday occurrence" and are just another part of the cost of doing business today, said Alexander Southwell, a former computer crime prosecutor who is now co-chair of the information technology group at Gibson Dunn & Crutcher, a Los Angeles-based law firm.

As a result, most banks are well-prepared. "The work of cybersecurity is often like 'Whac-A-Mole,' with new threats regularly emerging, followed by efforts to stop those threats, which then leads to threats emerging in different ways," Southwell said. "This attack may simply be another round in that 'game.' "

JPMorgan suggests that customers contact the bank if they detect any suspicious activity on their accounts. All of the bank's cards have full liability protection for consumers against fraud. "As we learn more, we will contact anyone we determine may have been impacted by this," bank spokesman Michael Fusco said.

It remains unknown whether the digital intruders were financially motivated or part of an espionage campaign.

JPMorgan Chase CEO Jamie Dimon said in the firm's 2013 annual report to shareholders that it has bolstered its cyberdefenses. This year, JPMorgan Chase will spend more than $250 million and devote about 1,000 people to cybersecurity, he said. The company is also building three regional state-of-the-art cybersecurity operations centers.

"We're making good progress on these and other efforts, but cyberattacks are growing every day in strength and velocity across the globe," Dimon said. "It is going to be a continual and likely never-ending battle to stay ahead of it — and, unfortunately, not every battle will be won."

The Sunnyvale, Calif.-based data security firm reported multiple examples of a credential phishing campaign in which authentic-looking e-mails encouraged users to click a link to see a secure message from JPMorgan.

When they did, they were asked to enter their credentials. The Web page was hosted on a server in Moscow and installed a so-called Trojan-program onto their computer, allowing the attackers to compromise the user's computer.

Proofpoint identified several other active campaigns that appeared to be run by the same attackers, each of which attempted to install the same Trojan software.