The FBI is trying to determine if financial institutions funded a revenge strike on a cybercrime group in Iran, according to Bloomberg.
- Spotlight on JP Morgan
- Fear of the unknown
- Bloomberg’s sources & their message
- The question of the hack-back
- Counterattack is not a fix.
Spotlight on JP Morgan
The Federal Bureau of Investigation is currently trying to determine if any American banks organized or financially supported the breach of an Iranian hacking coalition that experts think was responsible for a 2013 hack wave against US financial firms. The news on this FBI case broke right at the end of December, first via the Bloomberg news service and subsequently by Damon Poeter in PC Magazine.
Bloomberg, which printed the story based on anonymous tips, did not list the names of individual banks but did provide a somewhat glaring hint, mentioning that JP Morgan leadership “advocated such a move in a closed meeting in February 2013.”
In response to claims, the financial giant has said that “no action was ever taken.”
Bloomberg argued that for-profit enterprises, increasingly targeted by data thieves, have started to ignore legal web restrictions in order to get access to the attackers’ systems and grab their information — although assumedly it is backed up in secondary locations — possibly also derailing the hackers.
Fear of the unknown
The possibility of being devastated with a humiliating and expensive hack, as occurred to Sony Pictures, is making security executives at Fortune 500 companies jumpy. Some organizations are irritated that the public sector isn’t stepping in to defend their data from theft.
Feeling that they have no other choice, enterprises are considering more “Wild West” tactics that step beyond protection into the realm of the counterattack.
Some firms are hiring computer security companies to help them develop strategies to render the hackers’ machines dysfunctional or to snoop within overseas servers to determine the extent of data and trade secrets taken by criminal syndicates.
These acts of revenge by corporations that have been infiltrated by outside groups are possibly already occurring, said Republican Congressman Michael McCaul of Texas, chairman of the Homeland Security Committee. These firms may be attacking hacker networks “without getting permission” from federal authorities, Rep. McCaul said.
Bloomberg’s sources & their message
The news service spoke with 12 different IT security experts and former federal agents who said that there is a growing, generally tacit sense of stress within IT departments following the Sony Pictures breach.
Many feel that law-enforcement officials have failed to respond appropriately as financial institutions, e-commerce sites, entertainment resorts, utilities, and production facilities have been invaded by overseas assailants. American for-profit organizations don’t have obvious avenues to “punch back” when they are blindsided by hackers.
Hacking represent a $575 billion expense for businesses and governments worldwide, per a June report from McAfee codeveloped with the Center for Strategic & International Studies. Counterattacks are a growing but atypical element of the climate that is still not a major focus for the data protection industry, which Gartner forecasts will achieve revenues of almost $80 billion in 2016.
The question of the hack-back
“The idea of hacker-on-hacker justice raises thorny questions,” explains Bloomberg, “including when U.S. companies can legally order international strikes on their behalf.”
Plus, it’s unclear what exactly the penalties would be for going after cybercriminals who are possibly funded, directly or indirectly, by the foreign governments of North Korea (Sony Pictures suspect), Iran (JP Morgan suspect), China (Anthem suspect), or Russia (US State Department suspect).
The concept of a counterattack was highlighted in the public eye when Obama said that the United States would go after North Korea’s technological infrastructure in response to the Sony incident – an attack that cleaned out proprietary information, including clips from released films and emails between top executives. The strike, which many believe was an occupation lasting over six months, came across as borderline demonic by including an image of a red skeleton on employee computers the day that the malware conducted its final strip-down of the studio’s systems.
Within the week, North Korea was having problems with web connectivity. The White House did not publicly confirm that the United States was involved. Keep in mind, all of this was caused by a truly awful movie that many people felt bad about watching.
“Sony represents a dramatic escalation — one so punitive in nature that I think it does change the equation,” argued Tom Kellermann, the top security executive at Trend Micro, a web security outfit headquartered in Japan. The company recommends that victims should NOT take retaliatory action when they get hacked.
Actually, JP Morgan is not alone if it’s true that they talked about countermeasures but did not actually launch an attack. Kevin Mandia, the head of hacking analysis firm Mandiant, noted that a sizable percentage of organizations talk about retaliation; but very few strike back, fearing that they could start a hacking war with the intruders.
Counterattack is not a fix
The notion of the street justice of a counterstrike might sound exciting. Tales of revenge are captivating, after all. However, the real concern is making sure that all data is safely secured in multiple locations.
Safeguard your website and database now with our automatic backups, featuring military-grade encryption and other enterprise-level protections.
RELATED: Global banks are getting frustrated for a reason: a multinational hacking group has successfully stolen up to $1 billion from them [link to “Report: Cybercriminals Make Millions with Malware & Mimicry”].