JP Morgan Chase & Co.Threat Landscape
Cyber Threat Landscape
August 2019
Adam Bulava | Executive Director | Global Head of Attack Simulation
Disclaimer
This presentation was prepared exclusively for the benefit and use of one or more J.P.Morgan clients to whom it was directly
addressed and delivered. The content is intended for informational purposes and is not intended to be used to evaluate any product
or service provided by J.P.Morgan nor intended to be relied on for any related purpose. The statements made in this presentation
are confidential and proprietary to J.P.Morgan and not intended to be legally binding.
The presentation is incomplete without reference to, and should be viewed solely in conjunction with, the oral briefing provided by
J.P.Morgan. It may not be copied, published or used, in whole or in part, for any purpose other than as expressly authorised by
J.P.Morgan. Neither J.P.Morgan nor any of its directors, officers, employees or agents shall incur any responsibility or liability to any
recipient(s) of this presentation or any other party with respect to its content.
© 2019 JPMorgan Chase & Co. All Rights Reserved.
Threat Landscape
Cybersecurity Risk
• Cybersecurity risk reduction is a top priority shared by J.P. Morgan and its clients. It is essential for businesses to identify and address associated legal, regulatory and operational risks through business-informed strategies that focus on safeguarding the confidentiality, integrity and availability of data.
Confidentiality: Exposure/theft of client data, unpublished prices, sensitive information, HR data or cross border/information barrier breaches
Integrity: Manipulation of data with the intention of adjusting payment instructions or prices
Availability: Distributed Denial of Service (DDoS) attacks to online services, destructive malware attacks intended to delete critical systems (Wiper) or internal sabotage
Cyber Threat Landscape
• The cyber threat landscape for the financial services industry is constantly changing. However, there are currently a number of emerging trends.
Threat Actor | Motivations | Attack Types | Target | Attack vector
Threat actors: Nation State; Criminal Organization; Hacktivist
Attack types:
• Data Theft: Exposure/theft of data from an unknowing victim with the intent of obtaining confidential information
• Financial Fraud: Attacks on the bank and/or its clients/customers with the sole purpose of financial gain
• Ransomware: Malware that encrypts the victims’ files, blocking access, and then requests a ransom payment before decrypting
• DDoS: Render online services unavailable through overwhelming with traffic from multiple sources, flooding the bandwidth
• Data Destruction: Attempt to prevent all further access to data held by a company through complete removal
Targets:
• Intellectual Property
• Data – Extortion
• Data – Trading
• Payment Systems
• Clients
• Data – Denial
• Data – Extortion
• Webserver – Extortion
• Webserver – Denial
• Data – Denial
Motivations / risk classification: Espionage; Confidentiality; Financial Gain; Integrity; Availability; Confidentiality; Disruption; Availability
Attack vectors: Social Engineering; Vulnerability Exploitation
*Information Security Risk Classification
• Confidentiality: Unauthorized Data Exposure
• Integrity: Cybercrime & Fraud
• Availability: Malicious Disruption of IT
No Industry is immune
• Cyber attacks represent a threat of unprecedented scale
FINANCIAL
• Aug 2018: Hackers siphoned $13.5 million from a bank through fraudulent SWIFT transactions and ATM withdrawals
• Mar 2019: A hacker gained access to personal information of 106 million US & Canadian bank customers and credit card applicants. The data included 140,000 SSNs and 80,000 bank account numbers
HEALTHCARE
• July 2018: A ransomware attack forced a US hospital to shut down its electronic health records system and divert emergency room patients.
• Sep 2018: Billing information for 2.65 million people was compromised at a not-for-profit hospital network
TRAVEL
• Sep 2018: An international airline announced that records for 380,000 customers were stolen in a data breach, including credit card data
• Nov 2018: A large hotel chain confirmed that up to 500 million hotel guest records were stolen in a data breach
GOVERNMENT
• Mar 2019: Hackers infect a major US city government’s network with ransomware, causing delays in home sales, online payments, and other major services. Hack costs the government ~$18MM USD
• June 2019: A country’s tax agency database is breached, exposing an entire nation’s personal data
OTHER
• Mar 2019: A major auto manufacturer announced that it suffered a data breach which affected 3.1 million customers
• Mar 2019: One of the world’s largest aluminum producers suffered an extensive ransomware attack that halted production and forced the company into manual operations
TECHNOLOGY
• Feb 2019: A Norwegian software firm was targeted by hackers attempting to steal trade secrets from the firm’s clients
• Mar 2019: International cybercriminals gained access to a major cloud computing company’s network and stole ~10 terabytes of business data
Fraud Trends
Financial Fraud | Statistic & Trends
[Chart, 2016 to 2018: companies identified as targets of attempted or actual fraud; organizations experiencing business email compromise. Values shown: 74%, 78%, 64%, 77%, 82%, 80%]
• 64%: Attempted or actual payments fraud that resulted from actions of an individual outside the organization
• 67%: Payments fraud discovered by treasury staff / accounts payable staff
• 1 in 3,207: Emails containing malware
Sources: 1. 2019 AFP Payments Fraud and Control Survey Report; 2. 2019 Symantec Internet Security Threat Report
Financial Fraud | Deep Dive
• Defending against financial fraud requires both financial institutions and their clients to understand the risks. There are several key attack methods.
Attack Method | Real World Scenario
Social Engineering
Attack Method: A method of manipulating people into divulging sensitive information or eliciting an action that breaks normal procedures, e.g. phishing, vishing.
Real World Scenario: A client received a call from someone pretending to be an employee of that company. The caller asked for their login credentials in order to conduct “test” payments. The client provided the information without questioning or validating the caller and payments were created and released. Social engineers often pose as new employees, help desk workers or vendors and may offer credentials to appear legitimate. Through simple questions, they can piece together information via phone calls, email and casual conversation. Threats can come from anywhere, even former employees.
Malware
Attack Method: Software that is hostile or intrusive and aims to steal, manipulate or corrupt data
Real World Scenario: A client was redirected to a fake login page that looked very similar to their internet banking site and, after multiple failed login attempts, was prompted to ask a colleague to also log in on the same machine. Fraudsters were ultimately able to capture both login credentials and were able to create and release payments. Malware is used to infiltrate, monitor, control and damage a computer.
Email Spoofing
Attack Method: A method of trying to collect sensitive information from people via email by impersonating a trustworthy source
Real World Scenario: A client’s email was hacked and fraudsters obtained intelligence and email history to build spoofed emails. The client then received an email that appeared to be from one of their vendors providing fraudulent payment instructions and acted on it without validating or authenticating the request.
Criminals created a similar email account that appeared to be authentic from the CEO. The email address used was missing just one letter or character and the sender used urgent language to trick the targeted individual into sending a large payment. Similar incidents also occur from emails that appear to be authentic from the CFO, vendors or third parties that victims conduct business with.
The J.P. Morgan Approach
Protection & Prevention | Four Key Focus Areas
Architecture & Engineering
• Security embedded throughout the technology stack
• Adaptive security and controls tailored to global business, regulatory and threat environments
Protecting Business Data
• Promote security of critical information at every level
• Differential protection for critical information assets
Security Operations
• Proactive cyber operations that are risk-based & intelligence-led
• Comprehensive insider and 3rd party threat protection.
Business & Ecosystem Engagement
• Promote business awareness and preparedness through robust training and simulations
• Increased reach of cyber defense through global partner engagement.
Cyber Threat Landscape
• JPMC is continually uplifting its capabilities via our firm-wide cyber programs*
*The firm’s Global Cybersecurity organization is investing across the spectrum of functional areas and products but has particular focus in 8 Key Firmwide Programs:
• Early Detection
• Data Protection & Cloud
• Compartmentalization
• Vulnerability Reduction & Assessments
• Cyber Destructive Malware Recovery
• Counter Fraud
• Supplier Cybersecurity
• Access Uplift
Recommended Best Practices
Board Responsibilities | Governance & Security Culture
• Analysis of regulatory expectations across multiple jurisdictions identified the following themes
Regulators: OCC / FED; CNBV; SAMA; PRA; MAS; PBOC / CBRC; HKMA; BOJ
Themes:
• Cyber is a Board Responsibility
• Cyber must be managed as part of Risk Management
• Identify and Protect Key Assets
• Breach Notification
• Training
• Awareness
Governance – Boards are responsible for oversight
Security Culture – Boards must ensure there is a security culture
Best Practices
User Access
• Know who has access to your Banking relationships and critical systems. Review system entitlements regularly
• Establish multiple levels of approval for payments and business critical tasks
• Segregate users and computers that initiate or perform critical tasks
• Use approved templates/verified bank lines and restrict use of free form payment
Verification
• Don’t move money based solely on an email or telephone instruction(s), even from a trusted source or vendor
• Validate payment and beneficiary changes with the requesting party at a known telephone number. Never call a number provided via email or pop-ups
• Always validate the sender’s email address by hovering over the email address and/or hitting reply. Carefully examine all characters in the email address to ensure they match the exact spelling of the company domain and the spelling of the individual’s name.
Vigilance
• Be suspicious of unsolicited emails or phone calls. Never give any information to an unknown caller or click on links in random emails / popup messages
• Be especially vigilant during holiday, vacation periods and end of week periods when criminals try to take advantage of the absence of personnel or when criminals are trying to benefit from the global time differences
• Publicize how to quickly identify signs of a hacked computer, device or account and to immediately contain/minimize the risk
Education
• Take advantage of JP Morgan provided Cyber Fraud training sessions
• Train internal staff and external clients (e.g. vendors) about Cyber fraud and related safeguards
Best Practices
• Never install unauthorized applications or external media on your work computer (USB drives, mobile phones, etc.)
• Ensure employees lock their PC desktops when stepping away from their desk
• Don’t allow employees to leave sensitive information or credentials on their unattended desks, at printers or copiers
• Never use public computers or personal email addresses for business purposes and avoid public Wi-Fi networks for business use
• Never disclose specific details of your job on social media sites
• Never provide any of your User IDs or passwords to others
• Change your passwords frequently and ensure they are complex, unique, unpredictable and inaccessible
• Perform daily reconciliation of all payment activity – identification and immediate escalation of anomalies is critical
• If your company becomes a victim of fraud, it is imperative to escalate immediately; recovery chances are greater within the first 24 hours
• Review plans to ensure continuity of operations in the event of a malware infection or if the attack affects your ability to reach the bank
Reconciliation
Contingency
9 Steps to Better Protect Your Firm
1. Independent Assessment: Engage an experienced engineering firm that understands the technical risks, complexities of enterprise architecture to do a complete technical independent assessment of your firm’s infrastructure.
2. Authority Engagement: Establish a clear engagement model with governing authorities, including law enforcement (who are you going to call, which agency and under what circumstances?) Have the relationships established up front.
3. Join Industry Forum: Join an industry-based information security forum, such as FS-ISAC. Understand the latest threats to your industry before they impact your firm.
4. Attack Yourself: Create an internal team or engage a vendor to attack your systems using the same techniques bad guys do - but all the time, not once a year. Some vendors may also be able to monitor the availability of your credentials to the public on the “dark web.”
5. Mandatory Employee Training & Testing: Malicious email is the No. 1 way bad guys get into organizations. Establish a mandatory baseline training program for all employees that focuses on the specific actions employees need to take to protect your firm. Once you have trained your employees, actively test them.
6. Third Parties: Understand your third party environment and upgrade your contract provisions so that third parties are following the same standards you are striving for in your own environments.
7. Exercise & Drills: Run simulations and drills to assess your capabilities. Use a combination of table top exercises and inject real life scenarios to see how your Security Operations Center responds. Include business and technologists in exercises.
8. Money Movement: Look at all of the ways money leaves your firm. Figure out what controls and thresholds you can put in place to protect money movement, assuming bad guys get around your other controls.
9. Implement Controls for Maximum Effect: Using your web filtering software (block category “None”) is a hugely important mitigation technique. Leverage technology called DMARC, which gives others a way to validate that emails that appear to be coming from you are actually coming from you.
Q&A

Adam Bulava GCC 2019

  • 1. JP Morgan Chase & Co.Threat Landscape Cyber Threat Landscape August 2019 Adam Bulava | Executive Director | Global Head of Attack Simulation
  • 2. JP Morgan Chase & Co.Threat Landscape 22 Disclaimer This presentation was prepared exclusively for the benefit and use of one or more J.P.Morgan clients to whom it was directly addressed and delivered. The content is intended for informational purposes and is not intended to be used to evaluate any product or service provided by J.P.Morgan nor intended to be relied on for any related purpose. The statements made in this presentation are confidential and proprietary to J.P.Morgan and not intended to be legally binding. The presentation is incomplete without reference to, and should be viewed solely in conjunction with, the oral briefing provided by J.P.Morgan. It may not be copied, published or used, in whole or in part, for any purpose other than as expressly authorised by J.P.Morgan. Neither J.P.Morgan nor any of its directors, officers, employees or agents shall incur any responsibility or liability to any recipient(s) of this presentation or any other party with respect to its content. © 2019 JPMorgan Chase & Co. All Rights Reserved.
  • 3. JP Morgan Chase & Co.Threat Landscape 33 Threat Landscape
  • 4. JP Morgan Chase & Co.Threat Landscape 44 Cybersecurity Risk  Cybersecurity risk reduction is a top priority shared by J.P. Morgan and its clients. It is essential for businesses to identify and address associated legal, regulatory and operational risks through business-informed strategies that focus on safeguarding the confidentiality, integrity and availability of data. Exposure/theft of client data, unpublished prices, sensitive Information, HR data or cross border/information barrier breaches Manipulation of data with the intention of adjusting payment instructions or prices Distributed Denial of Service’ (DDoS) attacks to online services, destructive malware attacks intended to delete critical systems (Wiper) or internal sabotage Confidentiality Integrity Availability
  • 5. JP Morgan Chase & Co.Threat Landscape 55 Cyber Threat Landscape  The cyber threat landscape for the financial services industry is constantly changing. However, there are currently a number of emerging trends. Nation State Criminal Organization Hacktivist Threat Actor Motivations Attack Types Target Attack vector Data Theft  Exposure/theft of data from an unknowing victim with the intent of obtaining confidential information Financial Fraud  Attacks on the bank and/or its clients/customers with the sole purpose of financial gain Ransomware  Malware that encrypts the victims’ files, blocking access, and then requests a ransom payment before decrypting DDOS  Render online services unavailable through overwhelming with traffic from multiple sources, flooding the bandwidth Data Destruction  Attempt to prevent all further access to data held by a company through complete removal  Intellectual Property  Data – Extortion  Data – TradingEspionage Confidentiality Financial Gain Integrity Availability Confidentiality Disruption Availability  Payment Systems  Clients  Data - Denial  Data – Extortion  Webserver – Extortion  Webserver - Denial  Data – Denial Social Engineering Vulnerability Exploitation *InformationSecurity Risk Classification  Confidentiality: Unauthorized Data Exposure  Integrity: Cybercrime & Fraud  Availability: Malicious Disruption of IT
  • 6. JP Morgan Chase & Co.Threat Landscape 66 No Industry is immune  Cyber attacks represent a threat of unprecedented scale FINANCIAL  Aug 2018: Hackers siphoned $13.5 million from a bank through fraudulent SWIFT transactions and ATM withdrawals  Mar 2019: A hacker gained access to personal information of 106 million US & Canadian bank customers and credit card applicants. The data included 140,000 SSNs and 80,000 bank account numbers HEALTHCARE  July 2018: A ransomware attack forced a US hospital to shut down its electronic health records system and divert emergency room patients.  Sep 2018: Billing information for 2.65 million people was compromised at a not-for-profit hospital network TRAVEL  Sep 2018: An international airline announced that records for 380,000 customers were stolen in a data breach, including credit card data  Nov 2018: A large hotel chain confirmed that up to 500 million hotel guest records were stolen in a data breach GOVERNMENT  Mar 2019: Hackers infect a major US city government’s network with ransomware, causing delays in home sales, online payments, and other major services. Hack costs the government ~$18MM USD  June 2019: A country’s tax agency database is breached, exposing an entire nation’s personal data OTHER  Mar 2019: A major auto manufacturer announced that it suffered a data breach which affected 3.1 million customers  Mar 2019: One of the world’s largest aluminum producers suffered an extensive ransomware attack that halted production and forced the company into manual operations TECHNOLOGY  Feb 2019: A Norwegian software firm was targeted by hackers attempting to steal trade secrets from the firm’s clients  Mar 2019: International cybercriminals gained access to a major cloud computing company’s network and stole ~10 terabytes of business data
  • 7. JP Morgan Chase & Co.Threat Landscape 77 Fraud Trends
  • 8. JP Morgan Chase & Co.Threat Landscape 88 Financial Fraud | Statistic & Trends 74% 78% Companies identified as targets of attempted or actual fraud Organizations experiencing business email compromise 64% Attempted or actual payments fraud that resulted from actions of an individual outside the organization 1 in 3,207 Emails containing malware 64% 77% In 2016 In 2017 In 2016 In 2017 1 2019 AFP Payments Fraud and Control Survey Report 2 2019 Symantec Internet Security Threat Report 82% 80% In 2018 In 2018 Payments fraud discovered by treasury staff / accounts payable staff 67%
  • 9. JP Morgan Chase & Co.Threat Landscape 99 Financial Fraud | Deep Dive  Defending against financial fraud requires both financial institutions and their clients to understand the risks. There are several key attack methods. A method of manipulating people into divulging sensitive information or eliciting an action that breaks normal procedures. E.g. Phishing, Vishing etc. A client received a call from someone pretending to be an employee of that company. The caller asked for their login credentials in order to conduct “test” payments. The client provided the information without questioning or validating the caller and payments were created and released. Social Engineers often pose as new employees, help desk workers or vendors and may offer credentials to appear legitimate. Through simple questions, they can piece together information via phone calls, email and casual conversation. Threats can come from anywhere, even former employees. Social Engineering Attack Method Real World Scenario Malware Software that is hostile or intrusive and aims to steal, manipulate or corrupt data A client was re-directed to a fake login page that looked very similar to their internet banking site and after multiple failed login attempts was prompted to ask a colleague to also login on the same machine. Fraudsters were ultimately able to capture both login credentials and were able to create and release payments. Malware is used to infiltrate, monitor, control and damage a computer. Email Spoofing A method of trying to collect sensitive information from people via email by impersonating a trustworthy source A client’s email was hacked and fraudsters obtained intelligence and email history to build email spoofing. The client then received an email that appeared to be from one of their vendors providing fraudulent payment instructions and acted on it without validating or authenticating the request. 
Criminals created a similar email account that appeared to be authentic from the CEO. The email address used was missing just one letter or character and the sender used urgent language to trick the targeted individual into sending a large payment. Similar incidents also occur from emails that appeared to be authentic from CFO, vendors or third parties that victims conduct business with.
  • 10. JP Morgan Chase & Co.Threat Landscape 1010 The J.P. Morgan Approach
  • 11. JP Morgan Chase & Co.Threat Landscape 1111 Protection & Prevention | Four Key Focus Areas Architecture & Engineering Protecting Business Data  Security embedded throughout the technology stack  Adaptive security and controls tailored to global business, regulatory and threat environments  Promote security of critical information at every level  Differential protection for critical information assets  Proactive cyber operations that are risk-based & intelligence-led  Comprehensive insider and 3rd party threat protection.  Promote business awareness and preparedness through robust training and simulations  Increased reach of cyber defense through global partner engagement. Security Operations Business & Ecosystem Engagement
  • 12. JP Morgan Chase & Co.Threat Landscape 1212 Cyber Threat Landscape  JPMC is continually uplifting its capabilities via our firm-wide cyber programs* *The firm’s Global Cybersecurity organization is investing across the spectrum of functional areas and products but has particular focus in 8 Key Firmwide Programs Early Detection Data Protection & Cloud Compartmentalization Vulnerability Reduction & Assessments Cyber Destructive Malware Recovery Counter Fraud Supplier Cybersecurity Access Uplift
  • 13. JP Morgan Chase & Co.Threat Landscape 1313 Recommended Best Practices
  • 14. JP Morgan Chase & Co.Threat Landscape 1414 Board Responsibilities | Governance & Security Culture  Analysis of regulatory expectations across multiple jurisdictions identified the following themes OCC / FED CNBV SAMA PRA MAS PBOC / CBRC HKMA BOJ Cyber is a Board Responsibility Cyber must be managed as part of Risk Management Identify and Protect Key Assets Breach Notification Training Awareness Governance - Boards are responsible for oversight: Security Culture – Boards must ensure there is a security culture
  • 15. Best Practices
      • Know who has access to your banking relationships and critical systems. Review system entitlements regularly
      • Establish multiple levels of approval for payments and business critical tasks
      • Segregate users and computers that initiate or perform critical tasks
      • Use approved templates/verified bank lines and restrict use of free form payment
      • Don’t move money based solely on an email or telephone instruction(s), even from a trusted source or vendor
      • Validate payment and beneficiary changes with the requesting party at a known telephone number. Never call a number provided via email or pop-ups
      • Always validate the sender’s email address by hovering over the email address and/or hitting reply. Carefully examine all characters in the email address to ensure they match the exact spelling of the company domain and the spelling of the individual’s name
      • Be suspicious of unsolicited emails or phone calls. Never give any information to an unknown caller or click on links in random emails / popup messages
      • Be especially vigilant during holiday, vacation and end of week periods, when criminals try to take advantage of the absence of personnel or to benefit from global time differences
      • Publicize how to quickly identify signs of a hacked computer, device or account and how to immediately contain/minimize the risk
      • Take advantage of JP Morgan provided Cyber Fraud training sessions
      • Train internal staff and external clients (e.g. vendors) about Cyber fraud and related safeguards
      • Section labels: User Access, Verification, Vigilance, Education
  • 16. Best Practices
      • Never install unauthorized applications or external media on your work computer (USB drives, mobile phones, etc.)
      • Ensure employees lock their PC desktops when stepping away from their desk
      • Don’t allow employees to leave sensitive information or credentials on their unattended desks, at printers or copiers
      • Never use public computers or personal email addresses for business purposes and avoid public Wi-Fi networks for business use
      • Never disclose specific details of your job on social media sites
      • Never provide any of your user IDs or passwords to others
      • Change your passwords frequently and ensure they are complex, unique, unpredictable and inaccessible
      • Perform daily reconciliation of all payment activity. Identification and immediate escalation of anomalies is critical
      • If your company becomes a victim of fraud, it is imperative to escalate immediately; recovery chances are greater within the first 24 hours
      • Review plans to ensure continuity of operations in the event of a malware infection or if the attack affects your ability to reach the bank
      • Section labels: Reconciliation, Contingency
  • 17. 9 Steps to Better Protect Your Firm
      • Independent Assessment: Engage an experienced engineering firm that understands the technical risks and complexities of enterprise architecture to do a complete, independent technical assessment of your firm’s infrastructure.
      • Authority Engagement: Establish a clear engagement model with governing authorities, including law enforcement (who are you going to call, which agency and under what circumstances?). Have the relationships established up front.
      • Join Industry Forum: Join an industry-based information security forum, such as FS-ISAC. Understand the latest threats to your industry before they impact your firm.
      • Attack Yourself: Create an internal team or engage a vendor to attack your systems using the same techniques bad guys do, but all the time, not once a year. Some vendors may also be able to monitor the availability of your credentials to the public on the “dark web.”
      • Mandatory Employee Training & Testing: Malicious email is the No. 1 way bad guys get into organizations. Establish a mandatory baseline training program for all employees that focuses on the specific actions employees need to take to protect your firm. Once you have trained your employees, actively test them.
      • Third Parties: Understand your third party environment and upgrade your contract provisions so that third parties are following the same standards you are striving for in your own environments.
      • Exercise & Drills: Run simulations and drills to assess your capabilities. Use a combination of table top exercises and inject real life scenarios to see how your Security Operations Center responds. Include business and technologists in exercises.
      • Money Movement: Look at all of the ways money leaves your firm. Figure out what controls and thresholds you can put in place to protect money movement, assuming bad guys get around your other controls.
      • Implement Controls for Maximum Effect: Using your web filtering software (block category “None”) is a hugely important mitigation technique. Leverage technology called DMARC, which gives others a way to validate that emails that appear to be coming from you are actually coming from you.
  • 18. Q&A
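The CEO-fraud case above (a sender address missing one letter) and slide 15's advice to examine every character of the sender's domain can be automated as a mail-gateway check. This is an added example, not part of the original deck; the domains, the executive name and the function names are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed sample data (assumptions): use your own domains and executive names.
TRUSTED_DOMAINS = {"examplecorp.com", "trustedvendor.example"}
PROTECTED_NAMES = {"jane doe"}  # names attackers borrow, e.g. the CEO or CFO

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop a character of a
                           cur[j - 1] + 1,             # add a character of b
                           prev[j - 1] + (ca != cb)))  # substitute or match
        prev = cur
    return prev[-1]

def check_sender(from_header, max_distance=1):
    """Return (verdict, resembled_domain) for a From header value.

    A 'trusted' verdict only means the domain string matches exactly; it does
    not prove the header is genuine (that is what SPF, DKIM and DMARC check).
    """
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unknown", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for good in sorted(TRUSTED_DOMAINS):
        if edit_distance(domain, good) <= max_distance:
            return ("lookalike-domain", good)   # e.g. one letter missing
    if " ".join(display.lower().split()) in PROTECTED_NAMES:
        return ("name-impersonation", None)     # known name, unrelated domain
    return ("unknown", None)

# Constructed From headers for demonstration.
SAMPLES = [
    "Jane Doe <jane.doe@examplecorp.com>",
    "Jane Doe <jane.doe@examplcorp.com>",
    "Jane Doe <jane.doe@freemail.example>",
    "Billing <accounts@trustedvendors.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header))
```

Messages classified as `lookalike-domain` or `name-impersonation` are candidates for quarantine or a warning banner before they reach staff who can release payments.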
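Slide 17 recommends DMARC; a published record protects recipients only when its policy is enforcing. The following added example (not from the original deck) audits the text of a `_dmarc` TXT record using the standard DMARC tags `v`, `p`, `sp`, `pct` and `rua`; the record strings and finding codes are constructed for illustration.

```python
def parse_dmarc(txt):
    """Split a DMARC TXT record into a tag dict; None if it is not DMARC1."""
    pairs = [part.split("=", 1) for part in txt.split(";") if "=" in part]
    tags = [(k.strip().lower(), v.strip()) for k, v in pairs]
    # The version tag must come first and is case-sensitive.
    if not tags or tags[0] != ("v", "DMARC1"):
        return None
    return dict(tags)

def assess_dmarc(txt):
    """Return finding codes; an empty list means a fully enforcing policy."""
    tags = parse_dmarc(txt)
    if tags is None:
        return ["no-valid-record"]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return ["invalid-policy"]
    findings = []
    if policy == "none":
        findings.append("monitor-only")            # failures reported, still delivered
    # Subdomains inherit p unless sp overrides it.
    if policy != "none" and tags.get("sp", policy).lower() == "none":
        findings.append("subdomains-unprotected")
    pct = tags.get("pct", "100")
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        findings.append("partial-enforcement")     # policy applied to a sample only
    if "rua" not in tags:
        findings.append("no-aggregate-reports")    # no visibility into spoofing
    return findings

# Constructed records: a weak setting beside the corrected one.
WEAK = "v=DMARC1; p=none"
STRONG = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@examplecorp.com"

if __name__ == "__main__":
    for record in (WEAK, STRONG):
        print(record, "->", assess_dmarc(record) or "enforcing")
```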