There is a clear trend: every year, bigger targets are compromised with increasing frequency, with more personal data being collected. The recent attack on JP Morgan Chase is especially alarming considering that it is the largest US bank and that hackers had administrative access to numerous servers for nearly a month before being detected.
According to reports, account details for every JP Morgan Chase consumer and business customer, including name, address, email address and phone number, were compromised. Fortunately, more specific details such as account numbers, social security numbers (SSNs) and passwords were not accessed. This is due to much stronger security measures being implemented to keep this data safe.
While the nature of the breach has not been disclosed, the company may have been targeted by a group of Russian hackers. Often these attacks are very well planned, targeting a few key employees for the first stage of the breach. These individuals are analyzed to understand their web habits.
Based on this analysis, an attack is staged either to infect a target system or to gain credentials. Often this is done by attacking a website that the target visits frequently, since the security of an individual website is far weaker than that of a big corporate bank.
To reduce the impact of this attack, JP Morgan Chase could have applied the same level of encryption and security to user account details that it applied to account numbers, SSNs and passwords. Another option would be to enforce a strict two-factor authentication policy for all network administrators.
Overall, there is a clear trend of attacks that aim to compromise point-of-sale systems as well as companies that store vast amounts of user data. These businesses need to prepare for continued attacks by updating their security policies and systems to be on high alert.
I disagree with the last comment. AV is very important along these lines… we know about many knowns, some of which are more recent knowns and some are historical knowns that continue to cause command and control theft of sensitive authentication credentials and data from home and office users. These are the same tricks that the CaaS (crime as a service) trade have used for years, but the difference is, such new malware are daily variants of formerly effective malware now disabled by AV blacklist signatures. So there are new unknown variants proliferating from old known bad .exe files. Now what to do about the future? We need software that can detect unknown things. That’s the challenge and many techno firms are working/trying to figure it out. Time will tell if whitehat firms can get ahead of the curve to help protect what’s yours and mine (our data and our privacy, our digital freedom in a safe computing environment). Cheers and have a safe computing holiday season. -RA