In early September, the JPMorgan data leak even was found; FBI and NSA were both involved in the investigation. At that time, according to Bloomberg reports, data leak occurred in early August, hacker used 0day vulnerability in bank website to launch attacks, FBI considered this is an attack launched by a national hacker organization according to the complexity of the attack.
CISO is a “temporary” worker
In HomeDepot event, we noted that HomeDepot hired a security manager with criminal record; and in this JPMorgan data leak event, the “temporary worker” – its chief information security officer (CISO) is deeply associated with this event.
When hacker invaded the network of JPMorgan, the CISO of JPMorgan – Greg Rattray just took office, he even wasn’t familiar with his parking space; before coming to JPMorgan Rattray assumed the Air Force Information Warfare commander, and before Rattray taking office, JPMorgan former CSIO Anthony Belfiore had resigned earlier this year, during the period, Anish Bhimani served concurrently as CSIO.
Data is more valuable than money
It’s reported that hackers found vulnerabilities in JPMorgan bank computer software and exploited them, attacking over 90 servers, but the survey showed that hackers are more interested in personal information than money. Although bank account password and other crucial information didn’t leak, but just like the impacts caused by other large-scale personal information leak events, users of JPMorgan now are facing the threats of spear phishing and social engineering attacks, for hackers mastered detailed private data of a enormous number of users.
Chief Technology Officer of RedSeal Ph.D. Mik Lioyd believes that in JPMorgan data leak event, hackers were busy stealing users’ information and even had no time to steal money, which indicates that today’s cybercrime group fancy the value of users’ data (user data exchange market and underground processing industry chain have been matured). Just like the army commander is more emphasized on Battlefield intelligence than weaponry.
Difficult to remedy
Relevant officials involved in the investigation said JP Morgan need to take at least several months to ferret out thousands of software applications and confer with technology providers about authorization contract. New York pointed out that this would give hackers a long time window through which they can further attack JPMorgan internal system undetected vulnerabilities.
JPMorgan data leak event also sent by far the most serious security warning to global enterprises: although the most high-edged security response technology and processes are inadequate to deal with automatic coordinated attacks. Enterprises need to do automatic analysis on entire end to end network access path and use security tools to timely detect any wrong configuration and anomalies caused by network complexity.
JPMorgan said they would continue to focus on detection and financial fraud events related to this data leak event, and if customers could timely detect and inform account unauthorized transaction, JPMorgan would bear the loss of customers.
You can’t stop focusing on the security of your account information and other private information stored in your service providers as well as on your own computer. Information and data leak issues occur in anytime anywhere, timely and comprehensive data and file protection is necessary and imperative.