FBI officials on Monday said there was no evidence that the hack of JPMorgan Chase and other U.S. banks’ networks was payback for western sanctions against Russia.

“There’s no indication that [they came] as a result of the sanctions,” said FBI Cyber Division Assistant Director Joseph M. Demarest, speaking to reporters and rejecting suggestions raised in earlier media reports that the intrusions were in retaliation for sanctions.

Officials also said that they still have not determined whether it was a foreign government — such as Russia — or criminals who were behind the network intrusions at JPMorgan and other banks.

Demarest said there have been cases where hackers who work for foreign governments moonlight as criminals, using the expertise learned at their day job to earn money.

“There’s a blending,” said Demarest, speaking after an event hosted by the Financial Services Roundtable. “They may be working as criminals by evening or dark of night and then during the day they’re working on behalf of some government.”

But he said it’s too soon to tell if this was the case with the banks.

“It just takes time” to determine who was behind the attack, Demarest said in a follow-up interview. “We rely on international partners, too, for some of the information we need back.”

Secret Service Special Agent in Charge Edward W. Lowery said the investigation, which began in the summer, is being run as a criminal investigation.

Earlier this month, JPMorgan disclosed in a regulatory filing that the cyber intrusion had compromised the accounts of 76 million households and seven million small businesses.

However, Lowery said, “this was not the biggest intrusion.” The hack of Heartland Payment Systems in 2007, he noted, exposed 130 million credit card numbers alone.