A multi-agency government task force looking into cyberattacks against retailers says it has not come across evidence suggesting the attacks are a coordinated campaign to adversely affect the U.S. economy.
In a two-page report, the National Cyber Investigative Joint Task Force says the global implications of the retail attacks and the economic impact to private business and individual citizens cannot be overstated.
The report obtained by the Associated Press does not identify the retailers by name, but it comes after recent attacks on Target and Neiman Marcus.
The task force document says it is tracking and coordinating cyber investigative information among government agencies and industry partners concerning the use of Kaptoxa, a type of malware that compromises payment information systems, and other related malware by criminal elements.
The report is the combined effort of the FBI, Secret Service, intelligence agencies, and the Department of Homeland Security.
"Bringing all of the government's knowledge together to date, the report demonstrates there is no evidence of a coordinated effort — whether by criminal groups or nation states — to harm the US economy," said Steve Chabinsky, a cyber expert with cybersecurity technology firm CrowdStrike who spent 15 years with the FBI. "Plain and simple, whoever did this just wants to make a whole lot of money."
Chabinsky said he has an unclassified copy of the report. He said it is an effort by the government to reach out to the entire retail industry expressing the government's concern that if these intrusions are allowed to continue, the unintended consequences could have global economic impact.
"The outreach to retail is fairly unique," said Chabinsky. "They're encouraging the retail industry to become part of the information sharing process. Retailers are used to standard losses, but this impacts not only a few individual companies, but potentially a wave of organizations getting hit by the same type of exploit: the government is clearly taking it seriously."