You might recall that a few weeks ago, I wrote a piece about speculation that the Russian government might retaliate against Western sanctions by unleashing professional hackers on U.S. and European targets. Today comes news that JPMorgan and several other banks were attacked, and some are speculating a political motive.
As is almost always the case in these stories, the news is tantalizing but just vague enough that almost every explanation remains plausible. That means you should maintain a healthy skepticism about any possible Russian connection. I went back to Eben Kaplan, a cybercrime expert at Control Risks, a a global business risk consultancy. Kaplan was very level-headed when we chatted last time, and he was again the voice of reason today. He didn’t say the attacks weren’t state-sponsored, but he said it would be unusual for a “statement” hack to be done in secret.
“To begin with all the attribution to Russia in the Bloomberg story—either to the state government or to criminal groups—appears circumstantial and speculative (though quite plausible). It’s hard to know how significant this is without knowing who done it,” he said. “If I can offer one insight, it is that in the past, politically motivated cyber attacks from Russian soil were much more overt. If this is indeed a politically motivated attack, the level of discretion is new.”
In other words, protests aren’t normally carried out in secret.
Hopefully, more details will emerge in the coming hours and days, but it’s wildly premature to think this attack is an escalation in Cyber Cold War.
Sign up for Bob Sullivan’s free email newsletter.