JPMorgan, other banks hacked, and FBI looks to Russia for culprits

Suspected reprisal for US sanctions resulted in gigabytes of stolen account data.

Read the whole story

 

[dlux]

Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack?

 

[Stuntbutt]

I'd feel bad for these banks...

except I don't.

 

[Tension]

Stuntbutt[/url]":b08c30tg]I'd feel bad for these banks...

except I don't.

It's the customers I empathise with. Identity theft on the rise soon?

 

[DaVuVuZeLa]

dlux[/url]":mtt426m9]Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack?

What makes you think they weren't? It's not like the FBI is going to publicize that they were tipped off about this by the NSA.

 

[Mujokan]

dlux[/url]":3bg95ilm]Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack?

It's always hard to predict an enemy that drinks that much vodka.

 

[helel ben shachar]

I used to laugh at my grandfather because he was old school and kept his money stashed away in his mattress. Used to......

 

[diarrheajim]

Mujokan[/url]":3hyw83yu]

dlux[/url]":3hyw83yu]Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack?

It's always hard to predict an enemy that drinks that much vodka.

Who, Chase?

 

[RickyP784]

I know this is a regurgitation of a NY Times article, so details are scant. I do wonder which other 4 banks were affected. I'd like to know if mine was one of them.

 

[Mujokan]

diarrheajim[/url]":3ls5khq2]

Mujokan[/url]":3ls5khq2]

dlux[/url]":3ls5khq2]Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack?

It's always hard to predict an enemy that drinks that much vodka.

Who, Chase?

I don't always drink vodka, but when I do, I prefer Chase.

I kid, I always drink vodka. As for JPM, the most I can say is it'll be shots of something. The difference with the Russian military is they will wait till after work.

 

[Corbenman]

So this potentially means the Russians now also hold details about my inability to pay in time. There goes the chance to obtain credit in yet another country.

 

[glitchtrack]

An obvious, if clueless, question: as a customer of Chase, are there steps I should be taking to protect myself? And exactly what sort of account information was stolen, anyway? I know the article says Chase hasn't seen an increase in fraud levels, but it's hard for me to discount the possibility that the information taken during this attack might still be used for fraudulent purposes in the future...

 

[Boskone]

RickyP784[/url]":1g4ulrs1]I know this is a regurgitation of a NY Times article, so details are scant. I do wonder which other 4 banks were affected. I'd like to know if mine was one of them.

The NYT article doesn't say either, but links to a Bloomberg article I didn't bother to read.

 

[Begelegeb]

...and at least four other banks was the work of state-sponsored hackers from Russia.

what is the name of these other four banks? I'd like to know, I have accounts a various banks, one of which is JPMorgan Chase & Co. (and have not heard a word from them about it yet)

I'm confused though because the Bloomberg article only says;

Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank

one other bank and not four, so was it JPMorgan Chase & Co and one other bank or was it JPMorgan Chase & Co and four other banks? Are they counting the European banks as the other four, or is it four other U.S. banks or just one other U.S. bank?

 

[Mujokan]

Apparently it is not definitively known exactly how many targets there were.

First link: http://www.nytimes.com/2014/08/28/techn ... organ.html

 

[Luppe]

So the "proof" that Russia is behind this are a couple of earlier attempts, all of them either proven not to be from the Russian government or with proof that are "tenuous at best".
Now, I wouldn't be that surprised if the Russian government where indeed behind it, but why spread the allegations if there is no solid proof whatsoever?

 

[GDwarf]

Luppe[/url]":20z9y1nm]So the "proof" that Russia is behind this is a couple of earlier attempts, all of them either proven not to be from the Russian government or with proof that are "tenuous at best".
Now, I wouldn't be that surprised if the Russian government where indeed behind it, but why spread the allegations if there is no solid proof whatsoever?

Because "our major financial institutions were hacked by a foreign government" is less upsetting than "some random kid stole all our account information". Plus, Russia has fairly recently shifted from "Moderately-friendly neighbor" to "Imperialist scum", so they make a handy scapegoat, I'd assume.

 

[Dilbert]

FBI are wasting their time. They could find the individuals responsible, and let's say they got ironclad evidence against them. It still would not matter because Russia.

Another case of "boss told me to do this so I'm doing it even though it is pointless".

Our efforts would be better spent on securing networks. Because not a single Chinese or Russian hacker will be apprehended unless they are stupid enough to travel to a place friendly to the US.

 

[Begelegeb]

LoL

at the end of the article...

We will update this story as more information becomes available.

Update

is "Update" another "Update"

LoL

 

[Zoolook]

Bank employees should not be able to open ZIP files or any executable sent from external email addresses - especially unverified ones. Lock it down.

We cannot do that here.

 

[core_dump]

As a non American, I wonder if Americans perceive Russia as an enemy? Just wondering...

 

[FlibberyGiveit]

glitchtrack[/url]":1x9n1ueg]An obvious, if clueless, question: as a customer of Chase, are there steps I should be taking to protect myself? And exactly what sort of account information was stolen, anyway? I know the article says Chase hasn't seen an increase in fraud levels, but it's hard for me to discount the possibility that the information taken during this attack might still be used for fraudulent purposes in the future...

My question also. I suppose I care that it happened, but I /really/ care about how it effects my credit accounts with Chase.

 

[Mujokan]

FlibberyGiveit[/url]"mx0iet2]

glitchtrack[/url]"mx0iet2]An obvious, if clueless, question: as a customer of Chase, are there steps I should be taking to protect myself? And exactly what sort of account information was stolen, anyway? I know the article says Chase hasn't seen an increase in fraud levels, but it's hard for me to discount the possibility that the information taken during this attack might still be used for fraudulent purposes in the future...

My question also. I suppose I care that it happened, but I /really/ care about how it effects my credit accounts with Chase.

Not at all. They would comp you if you were the victim of fraud. It's more important that it happened actually.

 

[dlux]

core_dump[/url]":1k2nhk3e] I wonder if Americans perceive Russia as an enemy?

Yes/no/maybe. It's complicated.

 

[Dilbert]

core_dump[/url]":3evqkc8s]As a non American, I wonder if Americans perceive Russia as an enemy? Just wondering...

Until about 6 months ago? No. Russians were those goofy fearless folks who drink lots of Vodka.

Now? After everything they've pulled in Ukraine and continue to do so? Maybe. Trending toward yes.

 

[DoomHamster]

dlux[/url]":3e76u1u2]

core_dump[/url]":3e76u1u2] I wonder if Americans perceive Russia as an enemy?

Yes/no/maybe. It's complicated.

Yeah...I wouldn't say enemy at all, but I would definitely say that we are nervous about Putin and his most recent antics. But probably no more so than what Europeans are feeling right now...maybe even less so due to our geographical separation.

As dlux said....it's complicated.

 

[DoomHamster]

Dilbert[/url]":fyxto8de]
...those goofy fearless folks who drink lots of Vodka...

You just described quite a few of my old Army and Marine Corps buddies.

 

[eduardopozo56]

Zoolook[/url]":8fmswsqu]Bank employees should not be able to open ZIP files or any executable sent from external email addresses - especially unverified ones. Lock it down.

We cannot do that here.

You are in a country with thousands of POS networks directly connected to internet with no firewall/protection/ips/anything.
Just a small rusty server on wallmarts basement.

There might be a ".exe" protection, but nowadays zero-day exploits can come as funny cat .gif picture or a .docx file

 

[Kin24]

cdclndc[/url]":3cjnb2vo]I used to laugh at my grandfather because he was old school and kept his money stashed away in his mattress. Used to......

That doesnt work when banks can steal from you by convincing the government to print a trillion dollars, give it to them for free, just so they can "loan" it back to the very same country, whose savings have now all dropped in value due to inflation. All while also expecting 20-30% more money in return as their fee for "loaning" the country money, money that the bank didnt have till the country printed it for them. In this way the banks, most especially the central banks, have just about every country on the planet by the balls. Really think about it for a second. I, the taxpayer, via the government, agreed to "give" banks a TRILLION dollars and they then "loan" it back to us and expect 100's of millions in interest payments, to THEM, for the privilege of giving our own money back to us.

 

[dlux]

Kin24[/url]":3a41zu5b]That doesnt work when banks can steal from you by convincing the government to print a trillion dollars, give it to them for free...

I know a lot of us mistrust banks and the fed, but this sort of thing doesn't happen in reality, at least not in the US. We have plenty of other problems with them without making things up.

 

[Kin24]

dlux[/url]":1np11ss2]

Kin24[/url]":1np11ss2]That doesnt work when banks can steal from you by convincing the government to print a trillion dollars, give it to them for free...

I know a lot of us mistrust banks and the fed, but this sort of thing doesn't happen in reality.

Ummm, have you already forgotten the last recession?

 

[mike_syn]

Zoolook[/url]":2ato15ny]Bank employees should not be able to open ZIP files or any executable sent from external email addresses - especially unverified ones. Lock it down.

We cannot do that here.

It is entirely possible to configure mailservers to reject .zip and .exe (or any other extension) attachments, even if the files are not recognized as hostile by a virus scanner.

 

[killing_time]

mike_syn[/url]":t7kw1kh4]

Zoolook[/url]":t7kw1kh4]Bank employees should not be able to open ZIP files or any executable sent from external email addresses - especially unverified ones. Lock it down.

We cannot do that here.

It is entirely possible to configure mailservers to reject .zip and .exe (or any other extension) attachments, even if the files are not recognized as hostile by a virus scanner.

for sure, I've worked with people where this was a problem. and they weren't even a bank.

 

[Newprince]

glitchtrack[/url]":2lrhuxq0]An obvious, if clueless, question: as a customer of Chase, are there steps I should be taking to protect myself? And exactly what sort of account information was stolen, anyway? I know the article says Chase hasn't seen an increase in fraud levels, but it's hard for me to discount the possibility that the information taken during this attack might still be used for fraudulent purposes in the future...

I would change your password to Chase online banking. I ran a Lastpass security check and it listed my Chase as vulnerable, linked to a post about the theft. So it's not a bad idea.

The other banks are still not being disclosed, which makes me furious. OTOH, it's trivial to change my online banking passwords with a p/w manager.

 

[Seraphiel]

According to one source Ars contacted who claims to be familiar with the investigation at JPMorgan Chase, the attack on the bank stemmed from malware that infected an employee's desktop computer. It was not clear whether the malware was delivered by a web attack or by an email "phishing" attack.

In a statement sent to Ars, John Prisco, CEO of the security firm Triumfant said, "The nature of the JPMorgan breach was a persistent threat with a backdoor that enabled the attacker to enter whenever they wanted." He expressed surprise that the breach went undetected for so long, claiming that it was "fairly easy breach to detect."

So I read this as:

1) User logged in with local admin privileges
2) No firewall limiting traffic to trusted addresses

In other words, gross negligence.

 

[r3w1nnnd]

Dilbert[/url]":1sr58d59]

core_dump[/url]":1sr58d59]As a non American, I wonder if Americans perceive Russia as an enemy? Just wondering...

Until about 6 months ago? No. Russians were those goofy fearless folks who drink lots of Vodka.

Now? After everything they've pulled in Ukraine and continue to do so? Maybe. Trending toward yes.

Fearless...maybe...goofy ? HA.
Look throughout history ...biggest military minds couldn't occupy them...why do u think Snowden went there ? Because he likes vodka ? )

Anyways, what makes you think that this is not something like what happens a couple of years ago in middle east, when the NSA killed the internet for an entire country because of an "oops!" moment ?
/paranoia

And Chase uses a citrix based client for their CRM system...citrix itself is a piece of junk, especially the way it's configured for Chase...

 

[RickyP784]

Zoolook[/url]":12mjd4st]Bank employees should not be able to open ZIP files or any executable sent from external email addresses - especially unverified ones. Lock it down.

We cannot do that here.

If you're running Exchange 2010 or 2013, use Transport Rules. Here's a list of potentially dangerous filetypes you may want to block.

You can also add an Edge Transport server in your DMZ or add the Anti-Spam filters directly to your Hub Transport servers to block the most egregious phishing. Spearphishing may only be minimally affected.

Besides that, a number of spam gateways these days can deep scan compressed files and strip malicious contents. If you don't have one, who's fault is that these days, really?

 

[Thrownaway]

cdclndc[/url]":1zgalu67]I used to laugh at my grandfather because he was old school and kept his money stashed away in his mattress. Used to......

It makes more sense in my book to simply avoid the big banks, and use either a local bank or credit union instead. Black-hats rarely seem to bother with those, and in my experience the service is a hell of a lot better.

DoomHamster[/url]":1zgalu67]

dlux[/url]":1zgalu67]

core_dump[/url]":1zgalu67] I wonder if Americans perceive Russia as an enemy?

Yes/no/maybe. It's complicated.

Yeah...I wouldn't say enemy at all, but I would definitely say that we are nervous about Putin and his most recent antics. But probably no more so than what Europeans are feeling right now...maybe even less so due to our geographical separation.

As dlux said....it's complicated.

This exactly. I'd add that the fellow Americans I know don't consider Russians an enemy like past generations did -- we're just increasingly worried that our respective governments are going to turn against one another in a second Cold War or worse.

 

[arthurdent4242]

Why is there no transparency here? Why are we only being told "at least 4 other banks"? WHICH BANKS? How can we, as consumers, be secure in knowing our banks are actually going to be proactive about this? Chances are they won't be.

 

[potato44830]

"Gee, shouldn't the National Security Agency be aware of this sort of activity, or are they too busy collecting all our phone call data?

If they aren't tracking a breach like this then how the fuck are they supposed to prevent a terrorist attack? "

The NSA was set up as a military organization to spy on foreign governments, it wasnt really set up to protect a US corporation.

Sort of like asking the Naval Intelligence people to stop bank robbers. It's not really what they are supposed to be doing.