Fortinet: JP Morgan hack has the hallmarks of an APT
The coordinated hacks of JPMorgan Chase and a number of other banks, which were revealed in the global media yesterday, bear all the hallmarks of an APT attack, says Fortinet South Africa.
Jonas Thulin, Security Consultant at Fortinet, says: “From what we know at this point about the attack against JPMorgan Chase, it unmistakably illustrates the characteristics of an Advanced Persistent Threat (APT) attack. It is clear the attackers were using multiple attack vectors, stealth and evasion techniques, and their primary aim was to steal as much sensitive data as possible.”
“A bank such as JPMorgan Chase has very sophisticated security infrastructures in place to protect themselves from cyber-attacks, so we can safely assume that this attack was accomplished by exploiting what is known as a zero-day vulnerability, a software or firmware flaw to which there is no patch, update or fix. These attacks usually cannot be detected by signature-based filters that compare them to known attacks,” he says.
Thulin notes that to detect threats such as these, organisations can no longer simply rely on a single solution; multiple layers of defence are needed to fill possible network security gaps. “Multi-layer defence seeks to detect polymorphic malware, prevent receipt of phishing emails, block connection to compromised websites, and deny malware access to its command channel. For zero-day vulnerabilities, organisations need to look at technologies offering sandboxing, botnet blacklisting, and reputational security scoring of internal assets. These measures need to be tightly integrated with systems and security tools that provide ongoing monitoring and alerting.”
He advises: “For individuals concerned about their online banking, it is recommended to keep a close eye on account activities. Ensure that you are updated via SMS or email about any account activity. Also ensure that you update your password regularly, and that you utilise any strong authentication mechanism offered by your bank.”