GCHQ: Financial centers next for Russian hackers

It was all going so well. After decades of Cold War, slightly lukewarm interactions, and the occasionally civil gesture, the United States, Britain and Russia finally found some common ground. And then? Ukraine.

As noted by the International Business Times, Russia and the U.S are now working to mend splintered fences in their diplomatic relations. But according to The Register, this hasn't stopped “so-called patriotic hacker groups” from going after both British and American targets. Former GCHQ director Sir David Omand and current NSA director Michael S. Rogers warn that financial centers, such as London and New York, may be next on the hit list.

Strong Ties

At a recent conference for concerned financial companies jointly organized by the Royal United Services Institute (RUSI), FCA, and Bank of England, RUSI director Tom Keating called Russian hackers a “Tier 1 National Security Threat”.

Meanwhile, Sir David warns that Trojan viruses and worms may have already been planted in critical systems during peacetime. This malware is standing by to cause massive disruption if strained relations can't be improved or nationalistic hacker groups decide to escalate the situation.

Sir David wasn't entirely without hope, mentioning the “deep” transatlantic intelligence relationship between his country and the United States, one which has been “mutually productive over very many years.” The problem? Hackers are happy to exploit the fact that many private financial institutions may have a poor understanding of their own network infrastructure, making it all too easy for malicious actors to slip in undetected and wreak havoc. Transatlantic intelligence agencies are on alert.

But intelligence agencies aren't the only ones communicating across the pond. Most hacker groups will take help regardless of origin, and many exploit kits are both free and open-source.

Already Here

As noted by Bloomberg, the threat of overseas financial hacking has been on the radar for several years. JPMorgan initially implicated Russian actors when the firm's banking network was compromised. In-depth investigations, however, revealed that while some Russian servers and payment processors were involved, citizens of both the United States and Israel were also arrested in connection with these attacks. In other words, hackers are taking it global.

According to The Daily Beast, there's also evidence of Russian-origin attacks on the Pentagon. An email notice sent out by the Department of Defense (DOD) warned that “at least five” agency computers were recently targeted and linked the attacks to earlier penetrations of unclassified networks at the White House and State Department. There are no specifics about what — if any — data was compromised. Technical details reveal attack sophistication that “far surpasses anything we have seen to data from any state actors”, according to security expert Michael Adams, who spent over twenty years with U.S. Special Operations Command. Leveraging spam email supposedly from the National Endowment for Democracy, the attackers were poised to not only infect government computers but also remove any trace of their activities.

Problematic Patriots?

Given the increasing level of hacker sophistication combined with strained Russian-US-UK relations, it's no wonder the GCHQ, NSA, and British financial agencies are worried about the prospect of large-scale attacks on currency-trading cities. Major disruptions there could have far-reaching impact, undermining the confidence of investors and citizens worldwide.

But the combined efforts of RUSI, the FCA, the Bank of England, and multiple spy agencies to warn financiers about the Russian threat speaks to another growing concern:  that fun and profit are not primary motivators for these hacker groups. Patriotic “duty” motivates many to seek out high-profile targets and cause problems. And while some are looking for ways to cover their tracks, others have no issue claiming responsibility and letting the world know they've taken a bite out of the Big Apple or left their mark on London.

Ultimately, financial institutions need to master their own network infrastructure if they are to protect themselves from cybercrimes. Because the hackers are out there, waiting to pounce.

 

Featured image: Rawpixel / Dollar Photo Club