Speed Reads

cyber security

The White House can't figure out the source of the massive JPMorgan cyberattack — and that's a problem

Last week, it was revealed that JPMorgan Chase had been the victim of a massive cyberattack back in July that affected 76 million household accounts. Yet three months after the breach, the White House still cannot pinpoint a source or motive for the hacks, The New York Times reported Wednesday. This comes despite new efforts to inform top national security officials about major cyberattacks, which has led to President Obama and certain advisers receiving "periodic briefings" on such cases.

In addition to JPMorgan Chase, nine other financial institutions were targeted by a single web address. But no money seems to have been taken from any of the 10 institutions, which has advisers baffled and searching for a motive, the Times said. Officials had originally suspected Russian involvement as retaliation for American sanctions on the nation following the crisis in Ukraine, but the paper quoted one senior official as saying that when the president asked directly whether that was the case, the answer was only, "We don't know for sure."

A breach of this scale without an identified source or objective is a major cause for concern because without a culprit, there's no punishment — and thus nothing to deter others from similar attempts. From the Times' report:

The F.B.I. has begun a criminal inquiry into the attacks, and the Secret Service has been involved as well. But across Wall Street, the scale and breadth of the attacks — and the lack of clarity about the identity or motive of the hackers — shows not only the vulnerability of the most heavily fortified American financial institutions, but the difficulty, despite billions of dollars spent in detection technology, in finding the sources of attack. [The New York Times]

In addition to all the questions still left unanswered by the investigation, the original breach of JPMorgan's security went undetected for nearly three weeks, the paper says, and the search for answers wasn't even that urgent until the hack's severity was reported last week. Read more at The New York Times.