Russian Hackers Had Means, Motive To Infiltrate JPMorgan Cha
U.S. law enforcement and corporate security experts are investigating a cyberattackearlier this month on JPMorgan Chase & Co. (NYSE:JPM) on the assumption it originated in Russia. Unlike the usual identity theft motive, though, this hack has been reported as a Kremlin-sponsored retaliation for the bank’s interference in a Russian financial transfer earlier this year.
A who’s who of U.S. agencies, including the FBI, National Security Agency and Secret Service, have become involved since the probe launched earlier this month in what anonymous sources told Bloomberg News resulted in the theft of a gigabyte of “sensitive data from the files of bank employees, including executives.” The unnamed sources said federal investigators opened the investigation suspecting JPMorgan was specifically targeted for infiltration as “possible retaliation for [U.S.] government-sponsored sanctions” against Russia.
The Russian military first began the annexation of Ukraine’s Crimean Peninsula in late February, and in March the U.S. responded with a round of sanctions designed to prevent prominent Russian leaders from traveling to the U.S., Canada and European Union. American officials also threatened to increase the severity of the penalties if Russian aggression didn’t subside. The U.S. eventually launched two more rounds of sanctions.
JPMorgan Chase, meanwhile, fresh off years of bad publicity, during which it was fined nearly $30 billion in penalties and settlements, blocked a payment from the Russian embassy in Astana, Kazakhatan, to the Sogaz Insurance Group. Sogaz is partly owned by OAO Bank Rossiya, a St. Petersburg-based institution operated by Russian President Vladimir Putin’s associates.
The attempted transaction was for less than $5,000, Bloomberg reported at the time, but it came after President Obama announced in March that Rossiya was included as part of the sanctions on Russian officials.
“Any hostile actions against the Russian diplomatic mission are not only a grossest violation of international law, but are also fraught with countermeasures that unavoidably will affect activities of the embassy and consulates of the U.S. in Russia,” said Russian Foreign Ministry spokesman Alexander Lukashevich, adding that JP Morgan’s decision was “absolutely unacceptable, illegal and absurd.”
Sources cautioned the Wall Street Journal that it’s still too early to tell who is behind the attack, although they admitted that Russian and Eastern European hackers have increased their attacks on Wall Street and other sources ofprized financial data in recent years. Russian hackers have been erroneously blamed for a slew of distributed-denial-of-service attacks in recent years, including instances where hackers from Georgia and Estonia ultimately were deemed responsible. No cases of identity theft have been made public in the wake of this attack, a point that has led experts to say retaliation for the sanctions could be a motive.
“None of the people commenting on the incident mentioned a direct financial loss, or a direct fraudulent financial activity by the attacker,” Amichai Shulman, chief technical officer of Imperva security, told International Business Times. “Everyone is talking about grabbing sensitive information. I find it odd that someone who was actually able to break into a bank is not using it for making immediate profit.”