JP Morgan denies that system blueprints were stolen in June cyber attack

JP Morgan attackers took details of software run across the global bank - although bank denies that any money was taken

More details have emerged about the attack on banking giant JP Morgan, which saw sensitive banking systems hacked and details about clients and deals apparently transmitted to systems in Russia.

The breach occurred in June, but has only recently been disclosed.

According to the latest disclosures, the hackers were able to access information about one million customer accounts and also obtained a list of the software applications installed on the bank's computers. More than 90 of the bank's servers were affected, and the attackers gained high-level administrative privileges in the systems that they cracked.

JP Morgan also claims that its charity website, JP Morgan Corporate Challenge, was attacked with hackers getting login credentials and passwords. However, the bank says that it doesn't know whether the two attacks are related.

Dr Mike Lloyd, chief technology officer at security analytics company RedSeal Networks, suggested that the information accessed by the attackers indicated that they will almost be certainly back again.

"It's noteworthy that what was reported stolen in the JP Morgan breach have been described as ‘blueprints'. It's clear that attackers see value in being able to map out how JP Morgan's infrastructure works," said Lloyd.

He continued: "Military strategists understand the value of maps - both for defence and offence. Unfortunately, today's attackers can establish better maps of sprawling, complex and changing corporate infrastructure than the defenders often can. Every defensive team needs complete and up-to-date maps of the organisation's equipment, but this is often lacking, due to internal politics, lack of tools, or inability to keep up with the rapid pace of business change."

Lloyd described the nature of the attack as a "wake-up call". He said: "If someone already has your blueprints, and you do not, then they will be able to out-manoeuvre you in a later incident."

While the attacks took place in June, JP Morgan did not detect the intrusion until the following month, and only disclosed its existence this month.

However, although it is still trying to determine the extent of the attack, JP Morgan has denied that network blueprints were stolen.

"We uncovered an attack by an outside adversary recently where the firm's technology environment was compromised," Kristin Lemkau, a JP Morgan spokeswoman, told the New York Times. "We are confident we have closed any known access points and prevented any future access in the same way."

She said that the bank had "not seen any unusual fraud activity" since the intrusion was discovered and added that there was "no evidence that they have taken any proprietary software" or had a blueprint of the bank's computer network.

However, the bank's assertion that no funds were stolen since the discovery of the intrusion still indicates that there was a window in June and July during which funds may have been transferred by the attackers.