JPMorgan and other US banks get hacked. Why is Russia getting the blame?

JPMorgan ChaseThe big security news is that a number of US Banks, including JPMorgan Chase, have been hit by hackers who launched a “coordinated attack” on their computers systems this month.

According to Bloomberg, who first reported on the breach, US authorities believe that the hackers stole information about customers and employees, opening the possibility for “significant financial fraud.”

But what raised my eyebrow was a claim that the FBI is exploring the possibility that Russian hackers, backed by the Kremlin, might have launched the attack in retaliation against US sanctions over the military conflict in Ukraine.

There are certainly plenty of commentators happy to be rolled out in front of the media to say businesses need to brace themselves from Russian cyberattacks in retaliation for Western economic sanctions. But it’s not as if the Russians isn’t the only country not keen on the United States right now, right?

Sign up to our free newsletter.
Security news, advice, and tips.

And who is to say that the hacks were state-sponsored anyway?

Yes, it’s perfectly possible that a hack might be perpetrated by an intelligence agency, or have the backing of a foreign country.

But it’s extremely difficult to attribute an internet attack to a particular country, let alone tell the difference between an attack conducted by a pizza-loving hacker who happens to be on an overseas intelligence agency’s payroll, and a hoody-wearing hacker who is in the pocket of an organised criminal gang.

So, leaping to any conclusions that an attack is sponsored by a particular country, or indeed what the motivation might have been seems premature – and there’s a danger that experts are getting carried away with the thought of the mainstream media lapping the news up.

According to the New York Times, a source close to the bank says that no increase in the level of fraud has been seen recently.

Fascinatingly, according to a Reuters report, some cold waters are being thrown on the flames not just on the possible origin of the attack but whether there has been any significant attack at all.

FS-ISAC, a banking industry group that shares information about attacks on financial services, says that there are “no credible threats posed to the financial services sector at this time” and is “unaware of any significant cyber-attacks causing unauthorized access to sensitive information at any member institutions.”

What do you think? Leave a comment below.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “JPMorgan and other US banks get hacked. Why is Russia getting the blame?”

  1. Sylvia

    who are the "other banks"

  2. Coyote

    Re:"So, leaping to any conclusions that an attack is sponsored by a particular country, or indeed what the motivation might have been seems premature – and there’s a danger that experts are getting carried away with the thought of the mainstream media lapping the news up."

    Basically they're trying to sound/appear important, that they have things under control (seems however that someone ELSE has control… and who knows if they left any backdoors, anything else, without serious clean up (and even then if they wipe it there is no guarantee that there was or wasn't any thing removed and at the same time depending on how long the attack happened – as a general rule – ago, is it on backup? Would depend on what is left there and what they back up, of course)). In reality they don't and it is much like a cover-up. We're doing fine is only to silence others (or try to) so as not impact their credibility and equally their reputation. Unfortunately they are going about it the wrong way – giving vague answers in such a case is worse than no answers (or here's an idea: "we don't know everything just yet …"). They're actually showing their true colours to those who can think for themselves (maybe they're on to something after all … is something that I can see them thinking of but in the end it isn't honest, it isn't upfront and it is therefore the wrong way to deal with it).

    Re: "FS-ISAC, a banking industry group that shares information about attacks on financial services, says that there are “no credible threats posed to the financial services sector at this time” and is “unaware of any significant cyber-attacks causing unauthorized access to sensitive information at any member institutions.”"

    I don't buy it one bit and as a banking industry, well…. But even if they have some information there is never a guarantee they have all (if one thing happens who is to suggest nothing else happened too ?).

  3. Silas Barone

    Keep up the wonderful work.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.