Analysis of JP Morgan Case Study: Security Vulnerabilities and Impact

Added on  2023/01/13

Case Study
AI Summary
This case study examines the 2014 security breach at JP Morgan, detailing the threats, vulnerabilities, and organizational responses. The breach involved malware and data theft, with the attackers exploiting vulnerabilities in the internal network and security policies. The study highlights the impact of the breach, including the theft of personal and financial data, and the negative impact on the company's brand image. The case study also explores organizational responses and proposes solutions such as implementing host-based intrusion prevention systems, enhancing employee training, establishing network security policies, and using network access controls, VLANs, and NIDS. Centralized logging is also recommended for improved log correlation and protection.
JP Morgan case study
Table of Contents
Threats involved
System vulnerability involved
Impact of case
Organisational response
Threats involved
The computer systems were infected with malware, through which confidential data and
information were stolen. When the security breach occurred, JP Morgan's security team
evaluated the entire situation and examined the network. Besides the malware, other threats
were involved, such as a lack of policy and ineffective monitoring of systems and servers.
System vulnerability involved
It is stated that several system vulnerabilities were involved that resulted in the attack
on JP Morgan. First, there was no proper security in the internal network. The employees were
allowed to access only 14% of the data. Moreover, the security policy was not briefly documented. In
addition, no VPN that would have prevented unauthorized access was installed in the network. This led
to an increase in unnecessary traffic. Along with this, no vulnerability risk assessment was planned. The
servers and systems were not regularly scanned and authenticated. As a result, neither the
employees nor the company were made aware of any threat or vulnerability.
Impact of case
It is analyzed that in 2014 an employee of JP Morgan stole confidential data by logging into the
system. By using a VPN, the hacker accessed the network and controlled more than 90 servers. It
was observed that more than a billion passwords and usernames were stolen. Confidential information such
as names, contact numbers and addresses of 76 million households and 7 million SMEs was stolen. Thus,
it had a negative impact on the company's brand image and security measures.
Similarly, other organizations such as the US bullion depository at Fort Knox do not allow staff to
get close to the gold reserve. They have installed high-security measures such as guards and sentry boxes,
which help protect the building.
Organisational response
In future, the organization can take various measures. It can install a host-based intrusion
prevention system (HIPS), which will help in recognizing malware and stopping it. Moreover,
integrating HIPS with the firewall, antivirus software, etc. will help in identifying suspicious
activity. It also has better accuracy than other network systems, so it will monitor as well as
block individual computers in the network. Besides, it will block unnecessary traffic from entering the
network. Apart from this, JP Morgan can educate and train employees to deal with such situations.
Network security policies can be formed to deal with vulnerabilities and to generate awareness
among staff. Network access control can be installed within the network to scan it. In addition,
high-priority VLANs and NIDS can be implemented to monitor any malicious activity. A central
logging method can be applied, which will assist in better log correlation and in protecting logs
from destruction.
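
The central logging recommendation above, sketched as an added example (not part of the original case study): a collector hash-chains the events it receives, so deleted or altered entries are detectable, and correlates successful logins across hosts. The event fields, the host and account names, and the `GENESIS` start value are assumptions made for illustration.

```python
import hashlib
import json
from collections import defaultdict

GENESIS = "0" * 64  # chain start value (assumption of this example)

def chain_hash(prev, record):
    # Hash of the previous link plus the canonical JSON of this record.
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

def append(entries, record):
    # Collector side: append-only list of (record, chain hash) pairs.
    prev = entries[-1][1] if entries else GENESIS
    entries.append((record, chain_hash(prev, record)))
    return entries[-1][1]  # new head; store a copy off the log server

def verify(entries, trusted_head):
    # None if intact; else the index of the first altered or missing link,
    # or len(entries) when the tail of the log was truncated.
    prev = GENESIS
    for i, (record, link) in enumerate(entries):
        if chain_hash(prev, record) != link:
            return i
        prev = link
    return None if prev == trusted_head else len(entries)

def fan_out(entries, threshold):
    # Correlation: accounts with successful logins on >= threshold hosts.
    hosts = defaultdict(set)
    for record, _ in entries:
        if record["event"] == "login_ok":
            hosts[record["user"]].add(record["host"])
    return {u: sorted(h) for u, h in hosts.items() if len(h) >= threshold}

# Constructed sample events, as three servers might forward them.
SAMPLE = [
    {"ts": 1, "host": "srv-a", "user": "svc_backup", "event": "login_ok"},
    {"ts": 2, "host": "srv-b", "user": "alice", "event": "login_ok"},
    {"ts": 3, "host": "srv-b", "user": "svc_backup", "event": "login_ok"},
    {"ts": 4, "host": "srv-c", "user": "svc_backup", "event": "login_ok"},
    {"ts": 5, "host": "srv-c", "user": "alice", "event": "login_fail"},
]

def build_log():
    entries, head = [], GENESIS
    for event in SAMPLE:
        head = append(entries, event)
    return entries, head
```

The head hash only protects the log if it is kept somewhere the log server's administrators cannot rewrite; `verify` then flags a deleted, edited or truncated entry on the next check.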