Don't think of big banks solely as overseers of money flowing from account to account, bank to bank, but as the keepers of an array of secret information about business deals and economic intelligence.

An attack on a big bank by a nation-state could be conducted to amass intelligence to help that country protect or boost its economy, help its businesses to compete against the target bank and others institutions and/or economically wound its adversaries.

"The top financial firms all have quite of bit of intelligence because they need to know what their risk exposure is and how it is changing in very real terms," says Allan Friedman, co-author of Cybersecurity and Cyberwar: What Everyone Needs to Know, published earlier this year by Oxford Press.

Some initial news reports suggested that Russian hackers are behind an attack against JPMorgan Chase and perhaps other U.S. banks (see FBI Probes JPMorgan, Other Bank Attacks). But cybersecurity experts warn against jumping to conclusions about the culprits in the apparent attacks, based on the scant evidence available so far.

Fraud Unlikely

No one knows (or is publicly saying) who attacked JPMorgan Chase, and neither the bank nor federal investigators, including the FBI and Secret Service have disclosed what information was pilfere (see: New JPMorgan Chase Breach Details Emerge). But experts say that if a nation-state breached the banks' computers, it was highly unlikely done to steal money or to poach account and personally identifiable information that could be used to conduct fraud.

"A government-sponsored actor doesn't have the same goals as a crime organization - the objective is much bigger than that," says Philip Casesa, director of IT service operations at (ISC)2, an IT security education and certification organization. "It isn't stealing dollars - it's manipulating world politics by shifting the economic balance of power."

(None of the experts quoted in this blog have direct knowledge of the suspected breach or any alleged Russian government involvement. They base their observations on their understanding of past acts of Russia and other nation-states and on how American banks defend themselves against cyber-assaults.)

Payback Time

But one line of speculation - and it's only conjecture at this point - is that the Russian government might be behind the apparent attacks, in part, as payback to the United States for imposing sanctions on the Russian government, its officials and businesses, including several banks, for Moscow's invasion of Ukraine.

"Our sanctions of Russia back in July identified key individuals who play a role in the Russian economy and had holdings in Russian banks," Casesa says. "Clearly, the U.S. government had information on them and this may be an attempt to even the playing field."

Steve Hultquist, chief evangelist at RedSeal Networks, a provider of network visibility and analytics products, picks up on that same theme. "Specialized knowledge of the mechanics of the finance industry could potentially be combined with information they found to help them determine financial strategies, risks taken, potential options for causing financial loss and related actions to take against either JPMorgan or against those who have funds held by JPMorgan."