Cyber attacks on US businesses, banks mounting
Investigators were digging Thursday to find who initiated and what was taken in an apparent intense hacker effort this month to penetrate the systems of US banks including JPMorgan Chase.
The Federal Bureau of Investigation acknowledged that it and the US Secret Service were "working to determine the scope of recently reported cyber attacks against several American financial institutions."
The cursory statement, and one from JPMorgan assuring that it has tough defenses against cyberthreats, did not confirm multiple reports that the bank and several other Wall Street giants have been targeted, possibly by Russian hackers.
And none of the other large US banks would say if they were on the receiving end of any particularly malicious attempt to penetrate their systems.
But JPMorgan and computer security experts said online attacks were frequent and rising.
"Companies of our size unfortunately experience cyber attacks nearly every day. We have multiple layers of defense to counteract any threats and constantly monitor fraud levels," said a JPMorgan spokesperson.
Candid Wueest, a threat researcher with Symantec Security Response, told AFP that such attacks are multiplying rapidly.
Around the world, he said, "we had last year an increase in data breaches of 62 percent," with most in the United States.
That includes more than 265 data breaches confirmed in the last 12 months, "and probably a lot that have not been publicly named."
Key targets are large US companies, like banks and retailers with a lot of data records on consumers, including credit-card numbers.
In December 2013 retail giant Target lost possibly 100 million client records to hackers, an embarrassment that cost it sales and, ultimately, forced the chief executive to step down.
Supermarket chain Albertsons, online retailer eBay, and hospital manager Community Health Systems have also recently reported breaches.
Last week the US Department of Homeland Security warned businesses to watch for hackers targeting customer data with malicious computer code like that used against Target.
A hacker software weapon dubbed Backoff is compromising "a significant number" of businesses, it said.
In July Treasury Secretary Jacob Lew raised the warning level as well, noting that since 2011 there have been more that 250 distributed denial-of-service attacks against US banks and credit unions, overwhelming their systems.
"It does not take much to imagine the impact of those attacks on US banks if they had penetrated core operational functions rather than temporarily disrupting public web sites and customer log-in pages," he said.
"Cyber attacks on our financial system represent a real threat to our economic and national security."
- Political attack by Russians? -
Citing people familiar with the investigation, Bloomberg news agency on Wednesday tied the JPMorgan incursion to Russian state-sponsored hackers who stole "gigabytes of customer data".
It cited a second source saying that the FBI is investigating whether the attack might represent retaliation for US-imposed sanctions on Russia for its actions in Ukraine.
Computer security specialist Proofpoint detailed a large-scale scheme using emails with "phishing" links to steal the personal data of JPMorgan customers this month, which it said came out of a Russia-based server.
But China has also been named as a source of many sophisticated hacking efforts.
Costin Raiu at computer security experts Kaspersky Lab said they did not have enough technical information by which they could better understand the attack on the banks reported this week.
"The FBI is investigating the case and the fact they are not releasing technical indicators probably means there are other victims who need to be checked," he said.
However, he added, cyber attacks on financial institutions "are not something new."
He pointed to a series of attacks in 2012 directed at the New York Stock Exchange and several banks including JPMorgan. Credit for those, he said, was claimed by a radical Middle East group, and one in 2014 by a hackers groups called European Cyber Army.
"It is therefore not surprising that one of these attacks eventually succeeded."