The scale of the breach calls into question data held by individuals with retailers, financial institutions and any digital data stored on remote computer servers. Frankly, if the world's largest bank with its capacity to invest hundreds of millions of dollars on cyber security can't keep intruders out, then no business or government administration can truly claim to have complete security over the internet.
"This is really a slap in the face of the American financial services system," Gartner security analyst Avivah Litan said. "Honestly, this is a crisis point."
"You have to be paranoid now ... There is no such thing as data confidentiality anymore. Everything is out there."
JP Morgan discovered the intrusion on its servers in mid-August. But the breach may have began as early as June, said the bank's spokeswoman Wexler. "We have identified and closed the known access paths," she said. The spokeswoman declined to comment on whether or not the bank knew who was behind the sever breach. Moreover, she also declined to comment on whether JP Morgan has been able to determine who was behind the cyber attack on its servers.
What is interesting to note is that JP Morgan has not been the only financial institution to come under a cyber attack. Approximately nine other financial institutions, a number which has not been reported on mainstream, were also infiltrated by the same group of overseas hackers, according to journalists briefed on the matter.
The JP Morgan spokeswoman is keeping her lips sealed about who the bank thinks hacked into their network, meanwhile the FBI are carrying out their investigation. But, for what it is worth, there is an unofficial version being whispered about who the likely perpetrator is. You have probably guessed it, the finger of blame is being pointed at a team of crack Russian hackers with close ties to the Kremlin. Whether this is accurate or not, who really knows. Certainly, the Russians aren't going to come out and say they did it.
But the real concern is that either a lone wolf, or more likely a team of people somewhere, somehow have managed to hack into the world's biggest bank and that must be worrying security and intelligence officials in Washington more than they are probably letting on publicly. The JP Morgan breach demonstrates that the hackers could penetrate even the best-protected American financial institutions.
Was the security breached intended to send a message to the world's financial community about the vulnerability of the digital world, which the modern banking system relies on to function.
Senior US officials believe the hack on a US bank might be in retaliation for US pushed sanctions on Russia. “It could be in retaliation for the sanctions placed on Russia”, one senior official briefed on the intelligence said. “But it could be mixed motives — to steal if they can, or to sell whatever information they could glean.”
US officials say they have been working with JP Morgan since the intrusion was detected, chiefly through the Treasury. The CIA and other foreign intelligence agencies are also currently working on tracking down the source of the attacks. It's a slow time consuming task and officials are cautioning against jumping to conclusions about identities and motives of the attackers.
“We’ve been wrong before,” said security official.
While JP Morgan has reassured account holders that no fraud was committed, the hack into the world's largest bank could have been a lot worse.
JPMorgan has begun contacting customers and making clear that no money was taken from any accounts. There has been no evidence of any fraudulent use of customer information.
“To date, we have not seen any unusual fraud activity related to this incident,” said Kristin Lemkau, a bank spokeswoman. “We have identified and closed the known access paths. We have no evidence that the attackers are still in our system. We have apologized to our customers.”
But the most troubling aspect of the recent breach was the fact that hackers were apparently able to move around JPMorgan’s computer system undetected for several weeks. That is similar to an intruder opening the front door of your house walking through the living room, going through your closet, your bathroom cabinet and snooping around.
The hacker/s were able to attain high administrative privileges within JPMorgan’s network, rooting more than 90 servers and rummaging through customer databases.
“It was a huge surprise that they were able to compromise a huge bank like JPMorgan,” said Al Pascual, a security analyst with Javelin Strategy and Research. “It scared the pants off many people.”
0 comments:
Post a Comment