5 U.S. BANKS HIT BY HACKERS – JPMorgan among targets; Russians are suspected

 SAN FRANCISCO

JPMorgan Chase and at least four other financial institutions were hacked recently in a series of coordinated attacks, a federal law enforcement official told USA TODAY.  

   The source, who was not authorized to comment publicly, said federal investigators believe Russian hackers were the source of the attacks. What is less clear is whether U.S. sanctions against the Russian government prompted the attacks.  Account information was among data that were breached, the official said.  Companies “of our size unfortunately experience cyberattacks nearly every day,” JPMorgan spokeswoman Trish Wexler said in a statement without confirming the reports. “We have multiple layers of defense to counteract any threats and constantly monitor fraud levels.”

    FBI spokesman Paul Bresson said the agency is “working with the United States Secret Service to determine the scope of recently reported cyber attacks against several American financial institutions.”  Hackers broke into the networks of the banks, where they siphoned data, including account information. Several security firms are conducting digital forensics of the breached computer networks, The New York Times reported. It remains unknown whether the intruders were financially motivated or part of an espionage campaign.  

   “The ability to overcome the typical financial defense-in-depth strategy outlined by JPMorgan points to capabilities that go beyond criminal activity and are in the realm of nation state capabilities,” said security expert Phil Lieberman, CEO of Lieberman Software.     A report on The Wall Street Journal‘s website said particulars about the incident — when it began, whom it impacted and its potential costs — were unclear.     Though there’s no indication the two are linked, computer security firm Proofpoint reported a large-scale computer attack campaign targeting JPMorgan Chase customers Aug. 21.

    The Sunnyvale, Calif.-based company reported multiple examples of a credential phishing campaign in which authentic-looking e-mails encouraged users to click a link to see a message from JPMorgan.   The Web page was hosted on a server in Moscow and installed a “Troja Horse” program onto their computer.

 Jon Swartz and Elizabeth Weise  USA TODAY

 Contributing: Kevin Johnson and  Jessica Guynn

 

AFP/GETTY IMAGES

Learn how to protect your LAN and WAN and important corporate information with Certified Ethical Hacking (CEH), Computer Forensics (CHFI), Security Analyst (ESCA), CISSP, and Cisco Security courses.

CED Solutions is a Cisco Learning Partner, Microsoft Gold Learning Partner and the #1 location for Microsoft Certifications in North America for the last 6 years combined.  CED Solutions is a CompTIA Partner, EC Council Partner, and many others and is one of the largest providers of training in North America.  The Atlanta facility provides IT training for up to 300 students per day, with separate buildings dedicated to training. CED Solutions provides training for up to 10,000 students per year and students take up to 800 certification exams every two weeks.

 

Share this post