A respected cyber security expert tells FOX Business the hackers who targeted JPMorgan Chase’s (JPM) computer systems were trying to send a poignant message: Even the most secure systems can be infiltrated.
Information security professionals see large financial firms as the gold standard. Since they have so much to lose if they’re hit with an attack, banks often invest millions to hire top-tier talent and build the best protection. And generally speaking, they have been very successful in thwarting a wide range of attacks, including frequent distributed denial-of-service attacks that bring their consumer-facing websites to a crawl.
That’s why news that five banks – including JPMorgan, which spends nearly a quarter billion a year on cyber security – came as such a shock to experts in the cyber security space.
“This is not a normal malware attack,” said Larry Ponemon, founder of The Ponemon Institute, a respected computer security think tank that is often tapped by the government and private firms, “it’s pretty scary.”
Ponemon said the computer programs – known as malware – were “very sophisticated,” exploiting methods that could even rival the Stuxnet worm that reportedly roiled Iran’s nuclear centrifuges. It’s likely, he said, that the software was actually “composite malware,” meaning multiple programs joined together to access banks’ systems and exfiltrate data, all while avoiding detection.
Perhaps most worrisome, Ponemon said the software targeted JPMorgan’s “core infrastructure,” specifically something called its “network layer.” The network layer is generally highly secured, and connects many key components, like mobile banking and trading systems, Ponemon said.
JPMorgan Chase spokesperson Trish Wexler didn’t immediately respond to requests for comment on the specifics of the attack.
The hackers were apparently highly disciplined: While there are reports they got away with “gigabytes” of data, Ponemon said they were “determined to demonstrate they can access critical systems” more than causing actual damage. Basically, the bad guys were hitting the financial system with a virtual shot across the bow.
The U.S. security community is still working to reverse-engineer the malware. Ponemon said that means banks might not know yet whether they were, or are still being, hit. At the same time, it also speaks to the complexity of the attack.
Taken together, the intense sophistication and the discipline shown by the hackers, the prevailing thought across the computer security community is that a state-level player was likely involved.
JPMorgan, for its part, said it has “multiple layers of defense to counteract any threats and (it) constantly monitor fraud levels.” Wexler noted the biggest U.S. bank by assets isn’t seeing any increased fraud activity at the moment, and plans on contacting anyone who was impacted.
Meanwhile, Peter Donald, a spokesperson from the Federal Bureau of Investigation’s New York Field Office, said the agency is “working with the United States Secret Service to determine the scope of recently reported cyber attacks against several American financial institutions.” He added, “Combating cyber threats and criminals remains a top priority for the United States Government, and we are constantly working with American companies to fight cyber attacks."