Chase Bank Hack Persuades Obama To Make Cyberwarfare A Top National Security Issue

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.ibtimes.com/chase-bank-hack-persuades-obama-make-cyberwarfare-top-national-security-issue-1701688

President Obama will now receive regular updates on foreign cyberattacks
after the largest data breach ever compromised more than 75 million JP
Morgan Chase bank accounts. That summer attack now ranks alongside Islamic
State group news as a national security concern, according to reports, in
part because of worries that the Russian government might have supported
the attack.

An investigation into the attack is still ongoing, with the FBI, National
Security Agency, Secret Service and others trying to find out what exactly
happened, and why. The attack was first discovered in July; it began
shortly after the U.S. introduced a tough round of Russian sanctions in
retaliation for the invasion of Ukraine. Investigators have said they’re
acting under the assumption that the attack originated in Russia or Eastern
Europe, though they’ve said Obama has been frustrated with the inability to
identify a concrete motive.

“The question kept coming back, ‘Is this plain old theft, or is it Putin
retaliating?’” one senior American official told the New York Times of his
conversations with the president. “And the answer was: We don’t know for
sure.”

The questions were further complicated by the hackers’ apparent decision to
not steal any money from the largest American bank. Chase, in a report
filed with the Securities and Exchange Commission, said user contact
information including names, addresses, phone numbers and email addresses
was stolen, though they have yet to detect any incidents of fraud.

Chase previously infuriated Russian officials when the bank, after years of
bad publicity for its role in the 2008 housing crisis, took the step of
freezing a less than $5,000 transfer from the Russian embassy in Kazakhstan
to the Sogaz Insurance Group, which is owned by the St. Petersburg-based
OAO Bank Rossiya, which itself is owned by one of Russian President
Vladimir Putin’s associates.

“Any hostile actions against the Russian diplomatic mission are not only a
grossest violation of international law, but are also fraught with
countermeasures that unavoidably will affect activities of the embassy and
consulates of the U.S. in Russia,” Russian Foreign Ministry spokesman
Alexander Lukashevich said at the time, adding that JP Morgan’s decision
was “absolutely unacceptable, illegal and absurd.”

Previous high-profile attacks on retailers like Target and Home Depot
targeted the stores’ point-of-sale machinery, a clear indication that the
perpetrators were motivated by finances. While spending what may have been
months inside Chase’s massive financial system, though, the hackers didn't
take any monetary information. Citigroup, E*Trade, Regions Financial Corp.
and other financial institutions are also believed to have been targeted in
this hack. None of the companies think they were breached, though they did
report seeing Web traffic rise at the same time Chase was infiltrated,
sources close to the issue told the Wall Street Journal.

Customers have been advised to change their passwords, but this hack bears
more resemblance to a data breach on NASDAQ’s cyber-networks in October
2010. The breach, first made public by Bloomberg Businessweek in July,
wasn’t an attempt to destroy the NASDAQ, intelligence agencies speculated,
but intended to essentially clone the stock exchange. Top U.S. law
enforcement groups were also involved that investigation, with House
Intelligence Committee Chairman Mike Rogers admitting to Bloomberg NASDAQ
infiltration was an ominous sign of things to come.

“We’ve seen a nation-state gain access to at least one of our stock
exchanges, I’ll put it that way, and it’s not crystal clear what their
final objective is,” Rogers said in July. “The bad news of that equation
is, I’m not sure you will really know until that final trigger is pulled.
And you never want to get to that.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!