What the JP Morgan Chase Data Breach Means for Cyber Security in Banking

It’s always alarming when a financial institution is the target of an attack, but it happens more frequently than most of us would like to acknowledge. Banking systems are highly secure, but they’re also very large. And because they are always under attack, it makes sense that eventually a bank data breach will occur.

Cyber security in banking is strong, but it isn’t flawless. Many banks are still adapting to new cybersecurity issues, after decades of being relatively modest regarding their technology adoption and improvements. And there are always more lessons to learn.

Let’s take a look at what the JP Morgan Chase data breach in 2020 means for cyber security, especially in the banking industry.

The Attack: A Missing Security Fix Could Have Avoided the Problems

It’s believed that the JP Morgan Chase data breach occurred because of a single security fix that wasn’t applied to a single system.

This happens more than people might think. Many systems are exceedingly complex, and there can be archaic areas of the system, such as apps that are infrequently used, that aren’t going through security updates. If the entire system is not controlled, it’s very easy for these issues to occur.

What can a company do? A company like Chase is in the financial industry — they undoubtedly have a robust internal department that should be concentrating on updates and patches. But most companies can’t have their own internal IT department. Instead, an MSP can help them ensure that nothing is missed.

Attacks can be extremely difficult to avoid. In the case of Chase, they were the victim of a targeted attack. Many companies will find themselves eventually compromised by such an attack. Companies need to be prepared to identify attacks and respond very quickly if an attack does breach their systems.

The Timeline: J.P. Morgan Was Compromised for Two Months

J.P. Morgan only noticed the attack because the hacker made a mistake; they were compromised for two months. This is very common. Some large organizations are compromised for over a year before they notice. And that’s a problem. The longer a system is compromised, the more data can be accessed, the more damage a hacker can do, and the less likely it is for the hacker’s actions to be traced.

In fact, finding the attack in only two months was pretty good. Many similarly sized attacks have taken much longer to notice. However, J.P. Morgan has a very large security team. That’s not really feasible for a lot of companies, especially the small-to-midsized businesses that are often targets.

So, what can companies do? Advanced scanning solutions make it easier to identify an attack when it occurs. Organizations have to be able to silo their data, especially their most important data, too — so they can be certain that this data wasn’t compromised during an attack. The longer an attack is allowed to go on undetected, the more difficult it can be to recover.

The History: J.P. Morgan’s Insider Threats

J.P. Morgan Chase has been the target of multiple insider threats. Though they were able to react swiftly to this data breach, they have actually experienced multiple breaches — sometimes with employees leaving with privileged information. This highlights the fact that a company’s employees are almost always their weakest link. You don’t need to crack into a system if you already have access to all the data.

In addition to scanning for potential vulnerabilities, businesses also need to be very conscientious about user permissions. Businesses need to think about which users interact with which data and how easy it is to save this data to another system. Ideally, it should be very difficult for any data to be taken off the system.

While it’s not known that the hack had anything to do with an insider, J.P. Morgan’s sustained issues have involved them. Systems administrators and outsourced professionals, like MSPs, can monitor employee actions and identify potentially suspicious behaviors — such as employees trying to access data that they don’t usually access.

Breaches like the Chase security breach are going to happen. The JP Morgan hack did have a few factors going on, but realistically most banks can be cracked with concerted efforts. Companies need to be aware that if they become the target of a digital attack, it’s very possible that their security will fail. What is hoped is that they will be able to react to those threats swiftly.

How would your business perform under an audit? Contact us today to find out.