Chase Breach: Did Russia Play a Role?FBI Says Economic Sanctions Were Not a Factor
An FBI official on Oct. 20 said the hacks of JPMorgan Chase and other U.S. banks do not appear to have been retribution for Western economic sanctions against Russia. But FBI officials tell Information Security Media Group that investigators still have not determined who was behind the attacks.
See Also: The Global State of Online Digital Trust
The Chase breach exposed personal information, including e-mail addresses, tied to 76 million households and 7 million small businesses.
FBI officials also have revealed that over the past 12 months, hackers have stolen more than 500 million financial records, according to USA Today.
"We're in a day when a person can commit about 15,000 bank robberies sitting in their basement," said Robert Anderson, executive assistant director of the FBI's Criminal Cyber Response and Services Branch.
Based on its analysis, the FBI says about 35 percent of the thefts were from website breaches; 22 percent were from cyberespionage, 14 percent occurred at the point of sale, and 9 percent came from someone swiping a credit or debit card, according to the news report.
Who's Behind the Attacks?
Speaking about the JPMorgan Chase incident and other bank attacks, Joseph Demarest, FBI cyber division assistant director, said during a news conference following an event hosted by the Financial Services Roundtable: "There's no indication that [they came] as a result of the sanctions," according to the Washington Post.
But an FBI spokesperson told ISMG: "There hasn't been a person, group or nation state who we've definitively attributed anything to." As a result, the possibility is "still open" that the Russian government could, in fact, have played a role in the bank attacks, the spokesperson said.
The Washington Post reports that Demarest said there have been cases in which hackers who work for foreign governments moonlight as criminals, using the expertise learned at their day job to earn money.
"There's a blending," Demarest said, according to the Post. "They may be working as criminals by evening or dark of night and then during the day they're working on behalf of some government."
Breaches over the past year have had a major impact on Americans, said Tim Pawlenty, president of the Financial Services Roundtable. About 110 million Americans have had their personal data exposed in some form over the past year, he said, citing a CNN report. "We know that a lot needs to be done. One important step is the need for the U.S. Congress to pass cybersecurity information sharing legislation."