The FBI suspects an earlier August cyberattack on the U.S. financial system, which resulted in the theft of data from JPMorgan Chase, may have been the work of Russian hackers retaliating for U.S.-imposed economic sanctions.
Citing “people familiar with the probe,” Bloomberg reports the sophisticated nature of the attack along with evidence pulled from bank computers points to a Russian government link. The hack, which exploited a vulnerability on a bank website, broke through multiple layers of complex security to steal gigs of sensitive data from JPMorgan and at least one other, unnamed bank.
Data seized from bank employees — including executives — may have included customer data.
Security experts cited in the report said the hack executed was too complicated and precise to be attributed to average non-state-sponsored criminal hackers, but investigators haven’t ruled out the possibility of cyber criminals in Russia or elsewhere in Eastern Europe. Investigators are also considering whether the recent hack of large European banks, which took advantage of a similar vulnerability, are linked to the August breach.
The National Security Agency has also joined the investigation.
According to the report, cyberattacks against the U.S. financial system traced to Russia and Eastern Europe have amped up in the months since President Barack Obama authorized economic sanctions against Russia for its support of rebels in Eastern Ukraine, and the annexation of Crimea.
JPMorgan was the target of criticism from Russia’s foreign ministry in April, when the bank blocked a payment from a Russian embassy to a U.S.-sanctioned bank affiliate — a move Russia called “illegal and absurd.”
Russia has used such cyberattacks in the past to crash communications and government websites belonging to former Soviet states including Estonia and Georgia.