JPMorgan Hack: 2FA MIA In Breached Server

Published: 22/11/2024   Category: security




Sources close to the breach investigation say a network server missing two-factor authentication let attackers make their way into JPMorgan's servers.



It's not uncommon for cyber criminals or other attackers to hack their way to an organization's data via a forgotten machine sitting on the target's network, but you wouldn't expect that to happen at a major financial institution. That is apparently exactly what led attackers to infiltrate JPMorgan this year in a breach that escalated because the bank neglected to institute strong, two-factor authentication on one of its servers, according to a new report.

The New York Times reported this week that sources briefed on investigations into the cyberattack on JPMorgan last spring say the big hole that led attackers to the data was the lack of two-factor authentication on one of the bank's network servers. The attackers ultimately stole information on 83 million households and small businesses, including email addresses, home addresses, and phone numbers.

Many details of the hack are not yet known publicly, but the initial attack started with the attackers grabbing the credentials of a JPMorgan employee, according to the new report. The lack of a second factor of authentication on one of the bank's network servers left the bank open to the data theft.

The initial attack vector has not been made public, but an obvious possibility would be a phishing email or some other common way to dupe the bank's users and get a foothold in the network. Once the bad guys can pose as a legitimate user, they attempt to move around the network and steal information under the radar.
"Until companies divorce the belief that users and accounts are the same thing, and begin monitoring account usage, vigilantly searching for compromised account usage, this trend of breaches will continue," says Trey Ford, global security strategist at Rapid7. Once an attacker has a privileged credential, they can usually access sensitive data and escape most incident detection solutions because they appear as a valid user to those detection solutions.
The JPMorgan hackers were able to access more than 90 of the bank's servers, but were detected before they got to sensitive customer financial information, sources in the Times article said. The NSA is also assisting the bank in ensuring its network is more tightly locked down.
These latest revelations underscore a difficult truth: It is effectively impossible to keep track of every possible hole in a modern network, says Steve Hulquist, chief evangelist at RedSeal. 
