According to Bloomberg, who first reported on the breach, US authorities believe that the hackers stole information about customers and employees, opening the possibility for “significant financial fraud.”
But what raised my eyebrow was a claim that the FBI is exploring the possibility that Russian hackers, backed by the Kremlin, might have launched the attack in retaliation against US sanctions over the military conflict in Ukraine.
There are certainly plenty of commentators happy to be rolled out in front of the media to say businesses need to brace themselves from Russian cyberattacks in retaliation for Western economic sanctions. But it’s not as if the Russians isn’t the only country not keen on the United States right now, right?
And who is to say that the hacks were state-sponsored anyway?
Yes, it’s perfectly possible that a hack might be perpetrated by an intelligence agency, or have the backing of a foreign country.
But it’s extremely difficult to attribute an internet attack to a particular country, let alone tell the difference between an attack conducted by a pizza-loving hacker who happens to be on an overseas intelligence agency’s payroll, and a hoody-wearing hacker who is in the pocket of an organised criminal gang.
So, leaping to any conclusions that an attack is sponsored by a particular country, or indeed what the motivation might have been seems premature – and there’s a danger that experts are getting carried away with the thought of the mainstream media lapping the news up.
According to the New York Times, a source close to the bank says that no increase in the level of fraud has been seen recently.
Fascinatingly, according to a Reuters report, some cold waters are being thrown on the flames not just on the possible origin of the attack but whether there has been any significant attack at all.
FS-ISAC, a banking industry group that shares information about attacks on financial services, says that there are “no credible threats posed to the financial services sector at this time” and is “unaware of any significant cyber-attacks causing unauthorized access to sensitive information at any member institutions.”
What do you think? Leave a comment below.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.