Tuesday, October 21, 2014

NEWS: Russians Ruled out by officials on JP Morgan Chase Hack - Conflicting releases by Chase on this one

Pay close attention to news stories such as this one:

Reuters Article

They are being very careful not to accuse Russia of state sponsored hacking but many of the systems linked to this attack were located in Russia. Also to note is that these are Federal agents reporting under political pressure. The article states that the attacks were not retaliation for US sanctions but that does not mean that Russian cyber criminals or organized crime were not behind the attack. It's all in the wording folks. Look at what the article states.

We stand by our earlier statements based on Russian speakers and additional information collected after the attack. JP Morgan may have been the victim of several breaches from the looks of it.

JP Morgan in earlier press releases has stated that the attackers were linked to Italy or Southern Europe. If you remember that was the second disclosure by JP Morgan and came after the first disclosure. There appears to be some shuffling going on concerning this story and it's quite interesting to watch how this is playing out. Conflicting news and information. Statements and then retractions.

Wouldn't it be better if they just said look we know the machines were located in these countries but we do not know who is behind the attacks?

Cyber-attacks on JPMorgan Chase & Co. (JPM) and 13 other financial companies may have been carried out by hackers from a foreign government moonlighting as criminals, a senior Federal Bureau of Investigation official said.
The FBI is investigating the possibility that hackers who raided the data banks of JPMorgan to steal customer information from 76 million households and 7 million small businesses did so with the knowledge and consent of a foreign government, Joseph Demarest, assistant director of the bureau’s cyber division, said.


AND THIS ONE - Full Story from Bank Info Security

But an FBI spokesperson told ISMG: "There hasn't been a person, group or nation state who we've definitively attributed anything to." As a result, the possibility is "still open" that the Russian government could, in fact, have played a role in the bank attacks, the spokesperson said.
We see the story changing day by day from "officials". I would hate to be in JP Morgan Chase security right now. Interestingly enough I just close out a Chase account. I wonder if they will notify previous customers of a data breach or if they will only notify current customers. With this delay in information it appears as though many consumers are on their own but we already knew that was the case. We are all pretty much responsible for our own security of our own personal information. We cannot rely on companies to do it for us. And that's a fact.

No comments:

Post a Comment