Federal authorities investigating the massive breach at U.S. bank JPMorgan Chase say they are becoming increasingly confident that the criminals behind it will be arrested and prosecuted in court in the coming months.
In early October of last year, JPMorgan Chase was hit with a massive data breach that leaked the names, addresses, phone numbers and email addresses of some 83 million customers, shortly after the bank had revealed that 90 internal servers had been breached for several months.
Federal law enforcement officials close to the investigation believe the suspects are “gettable,” meaning they live in a country that complies with U.S. extradition laws, the New York Times reported.
Arresting the JPMorgan Chase hackers would be notable for the Federal Bureau of Investigation (FBI), as many severe data breaches last year went unsolved with no repercussions for the criminals. These include the massive Target breach of 2013, which left 40 million customers' cards and 70 million customers' personal information leaked online, as well as eBay and Home Depot, which also suffered unsolved breaches.
Investigators close to the breach say the case is advancing quickly, partially because the attack was not as sophisticated as initially believed, and federal officials were able to nab at least some of the suspects early on.
Due to the severity of the breach, the cyber investigation has been passed to the highest levels of law enforcement, the FBI. New York-based FBI officials have assigned several senior agents to the matter, along with a top prosecutor in the computer crimes division of the office of Preet Bharara, the U.S. attorney in Manhattan. The investigation is critical because the Department of Homeland Security has declared the banking system critical infrastructure, requiring stronger protection against digital attacks.
Although the JPMorgan Chase hack resulted in no financial losses, it was one of the largest data breaches of all time, even prompting New York financial regulators to urge banks to fix security holes within their services. Regulators sent a letter to a number of U.S. financial institutions that included steps companies should take to ensure their services are not vulnerable and third-party services are used properly.
An internal assessment of the bank's security found that by the end of 2014 the bank had made significant progress in reducing severe patch issues in its digital network, but still had a number of critical issues to assess.
Patching holes in financial networks is critical because hackers breached JPMorgan by exploiting such vulnerabilities, which gave them access to 90 internal bank servers. Attackers breached a server that had yet to be upgraded with two-factor authentication, the newspaper reported. Two-factor authentication is an industry standard that requires two forms of verification before a user can gain access to secure systems. Without it, hackers were able to simplify the breach by logging into the servers with login credentials stolen from a bank employee, without having to provide any additional details.
Hackers worked their way into more than 90 high-level access servers, but were caught before they could move customers’ financial information to their own servers.
In its 2014 annual internal review, the company noted that JPMorgan had increased security protocols for giving employees access to the highest levels of the bank’s network. The company did so to minimize the risk of “catastrophic technical or reputational damage to the firm.” To gain access to the bank's high-security systems, JPMorgan Chase employees must now undergo annual credit screenings and criminal background checks. The bank also noted that it conducts routine reviews to ensure high-security access is not being abused and is given to proper personnel.
Though U.S. federal investigators believe they are close to indicting the JPMorgan Chase hackers, it could be months before any individuals involved appear before a court.