Fear, detection, profiling and phishing – it’s all here.
83 million customers were affected by the recent hacking of JP Morgan, the biggest bank in the US. Though payment and social service data were not taken, contact information such as names, email addresses and phone information was. So what does this mean for cybersecurity?
1) Customer fear could be exploited
"Unfortunately we may still see piggyback attacks where cybercriminals launch social engineering attacks to cash in on the customer anxiety that follows the news cycle surrounding reports of any big-name breach," said Tod Beardsley, engineering manager at security firm Rapid7.
2) Detection was fast, but danger is still large
Many big breaches are made worse by slow detection and reporting by the companies involved. This gives hackers time to sell the stolen details or use them in other attacks before customers can take measures to protect themselves.
Garry Sidaway, global director of security strategy at NTT Com Security, said: "The good news on this story is the fact that the time to detect the breach is significantly shorter than the average. But it does still indicate the huge challenges every business has against the increasingly complex threat landscape."
3) Phishers may profile victims
Hackers will profile potential victims they believe to be of high enough value, and can use the information to make phishing emails even more plausible.
"Loss of data such as names, e-mail addresses, home addresses and phone numbers are all part of the jigsaw that make up a person’s digital presence, and can form a good basis for further targeted attacks on that individual and the other services they use," said Barry Scott, CTO at identity management firm Centrify.
"How many people will be getting phishing phone calls as a result of their phone number being lost in this breach, with the caller using other information to try and prove that they are genuine?"
4) You might want to change your password
In the wake of big cyber breaches it is usually good practice to change passwords, at least if the relevant systems have already been updated.
"From a personal protection point of view, I would recommend changing passwords – and account information, even though JP Morgan’s official advice is that no changes are needed (because this would be quite costly for the bank)," said Guy Bunker, SVP of product at security firm Clearswift.
"By doing so, the ability to phish critical information will be greatly reduced. Someone trying to reset a password on (or access) an old account would be – technically – obvious to the security team."
5) Businesses should secure remote access
Mobility and the bring your own device (BYOD) phenomenon have caused headaches for cybersecurity in the last few years. In sectors such as finance, customers want to access their information anywhere and anytime, but there are things that can be done to safeguard data.
"To truly mitigate risk, IT needs to have in-depth knowledge of their network, using application discovery and analytics tools to ensure 100% visibility of their set-up," said Eduard Meelhuysen, VP EMEA at cloud firm Netskope. "Beyond this, there are three simple, yet important, things that IT can do when enabling remote access to the corporate network – cloud or otherwise – multi-factor authentication, robust audit logging, and anomaly detection."