Hacking the banks

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.economist.com/news/business-and-finance/21614181-who-lies-behind-latest-cyber-attacks-jp-morgan-chase-hacking-banks

Robbing a bank used to require a gun and a getaway car. Now hackers can
attack financial institutions with a few clicks of a computer mouse.
According to reports on August 27th from Bloomberg, America’s Federal
Bureau of Investigation (FBI) is now investigating a series of
cyber-intrusions at several American banks, including JPMorgan Chase, one
of the biggest.

The attackers are said to have siphoned off large amounts of data,
including customers' bank-account details. Quite what their motive is
remains a mystery. One theory is that the attacks are the work of Russian
hackers retaliating against international sanctions imposed as a result of
Russia’s involvement in the ongoing conflict in Ukraine. Another suggests
that they are the work of criminals trying to profit from the data they
pilfer.

The notion that this is a form of retaliation is hard to take seriously.
There are more spectacular and well-tested ways to generate publicity for a
cause, such as launching denial of service attacks, which involve directing
large amounts of web traffic at banks’ sites in order to slow them down or
knock them offline. Over the past few years big American banks have faced
repeated volleys of such attacks, which have grown in intensity.

The idea that the intrusions are motivated by a desire to steal data that
could be exploited for profit, is more plausible. In the nether regions of
the “dark net”— the huge swathe of the internet that is not tracked by
popular web browsers such as Google and Bing—there are black markets in
everything from stolen credit-card data to bank-account details. Criminal
hackers could sell stolen data there quite easily.

Another possibility is that the attacks are the handiwork of people backed
by a foreign power interested in gathering financial intelligence of
various kinds. Big American banks do not just hold details of their
customers' personal transactions. They are also involved in everything from
financing trade deals to advising on big mergers and acquisitions.

Given all of the sensitive data they handle, financial institutions tend to
spend far more than most other firms on computer security. So breaking into
their systems typically demands a great deal of effort and resources. Some
criminal groups in Russia and elsewhere have now developed the scale and
sophistication to be able to crack even the most robust cyber-defences. But
it is also possible that the hackers were supported by a foreign government
interested in using the data collected to inform its own intelligence
efforts.

More details of the attacks are likely to emerge soon, as a result of
investigations being conducted by specialist cyber-security firms called in
by the banks and the FBI. The government gumshoes and their consultants are
likely to be kept busy. In a brief statement on the matter, JPMorgan Chase
said that companies of its size “experience cyber attacks nearly every
day”. Unfortunately, that is unlikely to change soon.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!