Pages

7 October 2014

House Intelligence Chair Wants To Increase Offensive Cyber Operations Against Russia; Moscow Suspected To Be Behind JP Morgan Chase Cyber Breach – Retaliation For U.S./Western Sanctions

October 4, 2014

House Intelligence Chair Wants To Increase Offensive Cyber Operations Against Russia; Moscow Suspected To Be Behind JP Morgan Chase Cyber Breach – Retaliation For U.S./Western Sanctions

Patrick Tucker, writes on the October 2, 2014 website DefenseOne,com that House Intelligence Committee Chairman (R.-Mich) Mike Rogers believes the United States should be conducting more disruptive cyber attacks against nations like Russia. “I don’t think we’re using all our cyber-capability to disrupt,” actors in Russia targeting U.S. interests, he said at The Washington Post’s Cyber Security Summit on Thursday.

Rogers cited [cyber] attacks out of Russia on the U.S. financial sector, specifically J.P. Morgan Chase in August that compromised the accounts of some 76 million customers. The FBI is investigating whether or not this most recent cyber breach was retaliation against the U.S. for sanctions imposed against Russia in the aftermath of Moscow’s seizure of the Crimea. Congressman Rogers was careful not to “directly implicate Putin’s government in the attack on JP Morgan Chase,” Mr. Tucker wrote; but, Rogers called the attempted breaches “a decision [made] on the basis of sanctions,” and asked whether the intent was “to monitor transactions, or go in to destroy enough data to cause harm to transactions.” Congressman Rogers called it “enough of an alarm to prompt the [Intelligence] Committee to “ramp up our efforts,” and said the U.S. needs an “understandable policy on what offensive [cyber] operations look like and should be.”

According to Michael Riley and Jordan Robertson, writing in the August 27, 2014 online edition of Bloomberg News, “in one case, hackers used a software flaw known as a zero-day vulnerability in at least one of the bank’s websites. They then were able to breach through several layers of elaborate security to steal sensitive client data. Security experts believe it would have required a very sophisticated cyber adversary — probably a nation-state [Russia], to successfully carry out this operation. The hackers were apparently in JP Morgan Chase’s network for two months before being discovered. “By the time JP Morgan first suspected the breach in July of this year, hackers had already “rooted,” or gained the highest level of [privileged access] to more than 90 percent of [JP Morgan Chase's] servers,” according to The New York Times. 

iSight Partners, a Dallas, Texas-based company that provides intelligence on cyber threats to some of the largest banks, recently warned clients of the potential for retaliatory attacks in cyber space as Western sanctions [against Moscow] tightened,” Bloomberg noted. “Russia has a policy of retaliatory attacks in relation to political contexts,’ said John Hultquist, an iSight expert who would not confirm direct knowledge of the attack. When it comes to countries outside their sphere of influence, those attacks would be more surreptitious.” Still,” Bloomberg notes, “the trail is muddy enough that investigators are considering the possibility that it’s cyber criminals from Russia or elsewhere in Eastern Europe.” 

The power [for the U.S.] to wage [offensive] cyber operations was codified and specified in a Chairman of the Joint Chiefs of Staff (CJCS) Directive issued June 21, 2013 — and, it “alluded to a March 5, 2013 Air Force Instruction mandate, titled, “Command and Control (C2) of Cyber Space Operations (10-17010), “but is otherwise classified,”Mr. Tucker wrote. He added, that “ADM. Michael Rogers, the Director of the NSA and Commander U.S. Cyber Command (USCYBERCOM) said that the NSA has the authority to conduct limited cyber war activities.” “Geographic Combatant Commanders already have the authority to direct and execute certain Defensive Cyber Space Operations (DCO) within their own networks,” ADM Rogers said in recent testimony before the Senate Armed Services Committee.

James Lewis, Director of the Strategic Technologies Program at the Center for Strategic and International Studies in Washington D.C., said, “any U.S. reaction may be muted, even if Washington makes a direct link to Russia — regarding the JP Morgan Chase breach. The threshold for a military response, or a cyber retaliatory measure — is either massive economic harm, or potential loss of life.” Thus, the JP Morgan hack would not measure up to that level mandating a significant cyber response. My guess is that Moscow, even if they are culpable/responsible, it will be extremely difficult to discover indisputable evidence tying Moscow to the hack.

According to the website Politico, “the newest details about the scope of the attack, are likely to increase puzzlement among [many] observers. “Many have questioned.” Politico writes, “why, after gaining access, to the “crown jewels,” of the largest U.S. bank, the hackers did nothing to try and monetize their access…for instance, moving money out of customer accounts. My guess is also that customers who’s accounts were compromised, aren’t likely to attempt to steal anything anytime soon. They may well keep a low profile and wait for an opportune time — months down the road — to actually execute an operation. 

Moreover, Rep. Rogers cautioned that private sector networks, which comprise 85 percent of the networks in the United States, are, “not prepared to handle,” even present-day hacks from nation states, much less a coordinated, retaliatory back and forth of extremely sophisticated [cyber] attacks — the sort of volleying that might be characterized as cyber war. “If your Chief Information Officer says he’s ready for what’s coming, find a new CIO,” he said. V/R, RCP

No comments:

Post a Comment