JP Morgan will never forget summer 2014. This was when the bank suffered one of the largest data breaches in banking history. It has since served as an example of the importance of cybersecurity in the financial sector.
In August, the bank’s heads of IT security discovered a serious incident: since June, a group of cybercriminals had been able to access the private information in their users’ accounts. Over the next few months, the bank recognized that the worst had happened: as many as 80 million customers had been hit by the attack.
Luckily, the cyberattack had no direct impact on the customers’ bank balances. While the cyberattacks managed to get their hands on names, phone numbers, and email and physical addresses, they hadn’t managed to get any passwords; these were stored on a much more secure server. To begin with, suspicions abounded about the possibility that the Russian government could be behind the cyberattack, in a politically motivated attack. However, a group led by an Israeli called Gery Shalon was later discovered to be behind the attack. One of the members of the group, a Russian national called Andrei Tyurin, was arrested in Georgia in 2015, and this autumn, will plead guilty for carrying out the cyberattack.
Why is a cyberattack of this type so serious?_
Given that no passwords were stolen, from the outside, it could seem like this cyberattack was a failure. However, this was not the case for the bank. An attack with these characteristics is a big problem, for JP Morgan and any other organization affected, as well as for the whole financial sector.
There are two reasons behind this. Firstly, the data that the cybercriminals managed to get their hands on can be used as a jumping off point for phishing attacks on affected customers. Secondly, this is a serious dent in the reputation of the entities that have been attacked. Many financial institutions are beset by attempted cyberattacks every day. Succumbing to one, however, would bring to light the fragility of what is most likely the sector with the most delicate information. It also had an impact on the profit-and-loss account: JP Morgan lost hundreds of millions of dollars because of this vulnerability.
How to avoid it_
For every company in the financial sector, there are two key elements for maintaining customer trust when it comes to data protection. On the one hand, information privacy is fundamental, since any loss, beyond theft in itself, will cause a serious legal crisis, and tarnish the organization’s reputation in the eyes of their users. On the other hand, it is vital to protect the data that can be accessed via the organization’s endpoints, which tend to be the weakest point in terms of cyberattacks.
This is no small matter. The problem often resides not just in the fact that companies don’t adequately the security of their endpoints, but also in the fact that they aren’t aware of the fact that these endpoints can give access to privileged information. This information could include access credentials or passwords, significantly increasing the chances of data theft.
This is why data handling is so important. To begin with, every company must known what data it stores and where. It is also advisable to store especially sensitive data separately. Luckily, this was the case for JP Morgan. Some of their customers’ personal data (names, addresses, phone numbers) was stored on one server, but the most important (passwords, access to accounts) was on a separate, more secure server.
Cytomic customers have the option to enjoy the solution Data Watch as part of their advanced security architecture. Data Watch monitors the files found on devices and searches for personal and sensitive data, as well as allowing files to be deleted from the single console in order to mitigate risks. This tool makes up part of Cytomic’s solutions for data privacy and control, along with Cytomic Encryption. When combined, both solutions ensure control and management of the personal and sensitive data that the organization has on its endpoints.
No company can be completely safe from cybercriminal attempts to break through their security and steal confidential data. What they can do is to hinder these attempts by making their endpoints, and thus their corporate cybersecurity, impenetrable.