TMCnet News

US banking group downplays cyber attacks [ITWeb]
[August 29, 2014]

US banking group downplays cyber attacks [ITWeb]


(ITWeb Via Acquire Media NewsEdge) An influential US financial services industry group that shares information about cyber threats has said it is unaware of any "significant" cyber attacks, downplaying concerns about possible breaches at JPMorgan Chase & Co and other banks.



The group, known as the Financial Services Information Sharing and Analysis Centre, or FS-ISAC, includes all major US banks and dozens of smaller ones, along with some large European financial institutions.

"There are no credible threats posed to the financial services sector at this time," the group said in an e-mail to its members.


FS-ISAC told members in the e-mail that it decided not to raise its barometer of threats facing banks during a regularly scheduled conference call on Thursday. During the call, members discussed threats facing the financial services sector, including reports of suspected cyber attacks on JPMorgan and other banks.

It added it was "unaware of any significant cyber attacks causing unauthorised access to sensitive information at any member institutions".

JPMorgan had said early on Thursday it was working with US law enforcement authorities to investigate a possible cyber attack.

The bank provided little information about the suspected attack, declining to say whether it believed hackers had stolen any data or who might be responsible.

"Companies of our size unfortunately experience cyber attacks nearly every day. We have multiple layers of defence to counteract any threats and constantly monitor fraud levels," it said in a statement.

The FBI had said late on Wednesday it was looking into media reports on a spate of attacks on US banks, raising concerns that the sector was under siege by sophisticated hackers.

Yet several cyber security experts said they believe those concerns are overblown.

"Banks are getting attacked every single day. These comments from FS-ISAC and its members indicate that this is not a major new offensive," said Dave Kennedy, CEO of TrustedSEC, whose clients include several large US banks.

"While we should remain diligent and active in monitoring, it doesn't appear there is a major offensive," said Kennedy.

The e-mail said FS-ISAC was maintaining the threat level at "guarded", noting that financial services firms continue to face a variety of threats.

It cited recent attacks on retailers using malicious software that targets point-of-sales systems, SMS phishing campaigns targeting bank customers, and a recently disclosed attack on hospital operator Community Health Systems.

The group also warned members about the potential for cyber-related activity emerging from conflicts in the Middle East and Ukraine.

"They are basically saying that the attacks they are seeing are the standard patterns. That it is business as usual," said Daniel Clemens, CEO of cyber security firm PacketNinjas.

Renewed concerns that banks might be victims of significant cyber attacks emerged after Bloomberg News reported on Wednesday that Russian hackers were believed to have recently stolen sensitive data from JPMorgan and another unnamed US bank. The New York Times subsequently reported that JPMorgan and at least four other US banks had been attacked.

The FBI said it would work with the Secret Service to investigate those reports.

One cyber security executive who frequently works with large banks said he suspected the activity described by Bloomberg and the Times was likely run-of-the-mill attacks that financial institutions fend off on a regular basis.

"There are intrusions every single day. It would be news if banking institutions were not being attacked," said the executive, who is not authorised to publicly discuss the matter. "There have been no disruptive attacks that I am aware of." (c) 2014 ITWeb Limited. All rights reserved. Provided by SyndiGate Media Inc. (Syndigate.info).

[ Back To TMCnet.com's Homepage ]