US Banks Targeted In ‘Co-Ordinated’ Cyber Attacks – FBI Investigates

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.techweekeurope.co.uk/news/us-banks-cyber-attack-fbi-151533

A number of US banks suffered “co-ordinated” cyber attacks this month.  The
FBI and Secret Service are investigating the attacks, some of which were
reportedly carried out by Russian hackers.

The issue of cyber attacks on financial institutions is an ongoing problem,
with the banks themselves often reluctant to speak publicly about attacks
against their systems. But JPMorgan Chase & Co has been hit according to a
Reuters report. The severity of the incident isn’t known, but a JPMorgan
investigation is reportedly currently underway.

Banking giants humbled

JPMorgan is one of the world’s largest banks, but it refused to comment on
the attack when asked by Reuters. “Companies of our size unfortunately
experience cyber attacks nearly every day,” spokesman Brian Marchiony was
quoted as saying. “We have multiple, layers of defense to counteract any
threats and constantly monitor fraud levels.”

JPMorgan was first identified by Bloomberg as one of the four US banks to
be hit. However it reported that gigabytes of customer data had been
compromised, which could lead to customer accounts being drained.

The FBI is investigating whether Russian hackers were to blame, in
retaliation for Western economic sanctions against Russia over its
involvement in the conflict in Ukraine.

The New York Times also reported that JPMorgan and four others were hit in
a series of coordinated and sophisticated attacks. It also reported that
gigabytes of data, including checking and savings account information, had
been compromised. It said that a number of security firms have been brought
in to conduct forensic studies of the penetrated computer networks.

“We are working with the United States Secret Service to determine the
scope of recently reported cyber attacks against several American financial
institutions,” FBI spokesman Joshua Campbell was quoted by Reuters as
saying in a statement late on Wednesday.

Ongoing Problem

This is not the first time that JPMorgan Chase has been hit.

In December 2013, JPMorgan Chase warned 465,000 of its UCard customers
about a breach of its systems. It said personal data of a number of its
prepaid card customers’ could have been compromised. It was also one of the
US banks that was targeted in 2013 and 2012, when a number of US banks had
their customer-facing systems knocked offline for prolonged periods by
powerful distributed denial of service (DDoS) attacks.

British banks were advised last October by the Bank of England to test
their resilience to cyber attacks. That warning came after cyber attacks on
Barclays and Santander highlighted the danger facing banks.

And two months ago the Bank of England announced a scheme to create better
stress tests amongst financial institutions, to see whether their ability
to cope with super-sophisticated cyber attacks is up to snuff.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!