Must Listen

Must Read

What Art Thinks

Pre-Millennialism

Today's Headlines

  • Sorry... Not Available
Man blowing a shofar

Administrative Area





Locally Contributed...

Audio

Video

Special Interest

Daily News
23943
“JPMorgan Data Sent to Russia By Computers for Hire”
by The Age   
September 5th, 2014
Bank investigators have identified what they believe is the

Bank investigators have identified what they believe is the "bulletproof" staging ground for the hack. Photo: Reuters

JPMorgan's own investigators have found clues that a global network of computers available for hire by sophisticated criminals was used to reroute data stolen from the bank to a major Russian city, according to people familiar with the probe.

Like street magicians using sleight of hand, the hackers tapped computers from Latin America to Asia to send commands and obscure their identity while ferrying malicious traffic past one of the most heavily guarded networks on Wall Street.

Bank investigators working nearly around the clock have identified what they believe to be the assault's staging ground, called a "bulletproof" hosting platform because of its resilience to other attackers and to law enforcement, according to one of the people, who requested anonymity because of the continuing investigation. The constellation of computers was used in previous hacking attacks and is now being tapped by professional cybercriminals operating out of Eastern Europe to target banks.

The bank's investigators are only part of a larger group in the US that includes the Federal Bureau of Investigation and the National Security Agency trying to trace the origin of the computer assault. The success of the attack on JPMorgan and another this week on Home Depot and even the theft of nude photos from celebrities' online Apple accounts highlight how hard it is to defend against increasingly sophisticated criminals.

'Real Pest'

Cybercrime operations similar to the one identified by JPMorgan investigators, notably a now-defunct one known as the Russian Business Network, have been run by powerful figures and protected by Russian authorities, said James Lewis, a senior fellow at the Center for Strategic and International Studies in Washington.

"It's like the mafia," Lewis said. "If this is RBN version 2.0 or even 3.0, then the US government will be very concerned because it's been a real pest before."

The use of a Russian-based data center is another piece of a puzzle being constructed by investigators as they chase answers to urgent questions such as the attack's motive, the hackers' identity, and the possibility other banks may have been attacked or probed by the same group.

Threat Level

The people familiar with JPMorgan's investigation said the cybercriminals operating the global network had also aimed at other banks' systems, though they may not have been hacked.

No evidence has surfaced that any other major US bank was breached by this group. The Financial Services Information Sharing and Analysis Center, which monitors cyber threats on financial institutions, informed members on August 28 that there were no signs of a sophisticated and coordinated attack on banks, and the organisation's threat level for the banks remains unchanged.

Patricia Wexler, a spokeswoman for JPMorgan, said that fraud levels at the bank were not elevated and declined to comment further on the investigation. J. Peter Donald, a spokesman for the FBI in New York City, said the agency had no comment about the investigation or whether other banks had been targeted or breached.

JPMorgan has hired a number of cybersleuths, including some well-known for tracking hackers through the murky world of global cybercrime. Not all of them agree with the assessment about the Russian criminal data center and note that the search will continue for months and is likely to take twists and turns.

Russian Government

JPMorgan's security team continues to investigate the possibility that the hackers may have been aided or at least condoned by the Russian government, possibly as retaliation for US-imposed sanctions, said a second person involved in the probe.

Others trying to piece together what happened, including outside specialists hired by the bank, say they have seen nothing to suggest the Russian government directed or aided the JPMorgan attack. Instead, they said that the hackers may have been opportunistic, expecting to be shielded because of the tensions between Russia and the US

Some investigators speculated the cybercriminals were hired by the Russian government in the past and may have used malware and other tactics also shared with Russian government agents.

JPMorgan was singled out in April for criticism by Russian officials when it blocked a payment from a Russian embassy to the affiliate of a U.S.-sanctioned bank. Russia's foreign ministry called the move by JPMorgan "illegal and absurd."

The JPMorgan attack may have been designed to send a message, said Keith Alexander, who was director of the NSA from 2005 until last March and started a cybersecurity company to sell services to US banks.

If the incursion was backed by the Russian government in retaliation for sanctions imposed by the U.S. and European Union over the crisis in Ukraine, then they just said "You're vulnerable," Alexander said in an interview.

Dmitry Peskov, a spokesman for Russian President Vladimir Putin, dismissed the notion that Russia was behind the JPMorgan hack. "This is nonsense," he said in a telephone interview.

go back button