Francis Hutchison Williams
Tuesday, 11th March, 2025
Enterprise Security (CY 377)
JP Morgan Chase report
In 2014, there was a cyberattack that affected 76 million households and 7 million businesses.
The aim of this report is to analyze that attack, the JP Morgan Chase breach: to see what
happened and how the institution was attacked, identify its mistakes, and redesign a solution
to prevent a similar issue from occurring again.
Some mistakes of JP Morgan Chase
1. Lack of multi-factor authentication: The attackers gained access to the system using
stolen single-factor login credentials. This highlights the need for stronger, multi-factor
authentication.
2. Inadequate network segmentation: Research shows that the hackers were able to move
laterally within the network, which gave them easy access to high-value assets. This was a result
of inadequate network segmentation.
3. Weak perimeter defense: The institution had a poor intrusion detection and prevention
system.
4. Slow response time: The breach remained undetected for months, which allowed the hackers
to have a field day with the organization’s information.
A redesigned solution along with a technical plan
1. Enabling multi-factor authentication
2. Improving network segmentation and zero trust security: We can improve this by conducting
a network segmentation assessment, implementing VLANs and subnets, and implementing access
controls like firewalls. We can also evaluate existing security controls and use micro-segmentation
to restrict access to authorized users and devices, which helps with zero trust security.
3. Deploy advanced IDS/IPS: We can do this by installing IDS/IPS sensors in locations like
network ingress and egress points and near critical assets. We can configure the IDS/IPS sensors to
detect and prevent threats, including setting up rules, and then test and fine-tune the systems to see if
they're working correctly.
4. Incident response plan: Implementing a robust plan to mitigate the security risks if such an
incident happens again, including regular drills and automated threat response.
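As an added illustration of items 2 and 3 (not part of the original report), the Python sketch below audits flow records against a default-deny zone allowlist, which is one way to test whether segmentation rules actually block lateral movement toward high-value assets. The zone names, subnets, ports and flow records are constructed for the example.

```python
import ipaddress

# Constructed zone map (assumption): subnets/VLANs are illustrative only.
ZONES = {
    "user": ipaddress.ip_network("10.10.0.0/16"),
    "web":  ipaddress.ip_network("10.20.0.0/24"),
    "app":  ipaddress.ip_network("10.30.0.0/24"),
    "db":   ipaddress.ip_network("10.40.0.0/24"),
}

# Default-deny allowlist: (source zone, destination zone, destination port).
ALLOWED = {
    ("user", "web", 443),
    ("web", "app", 8443),
    ("app", "db", 5432),
}

def zone_of(addr):
    """Return the name of the zone containing addr, or 'unknown'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "unknown"

def audit_flows(flows):
    """Return cross-zone flows that the allowlist does not permit."""
    violations = []
    for src, dst, port in flows:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        # Intra-zone traffic is skipped here; micro-segmentation would
        # apply the same allowlist idea inside a zone as well.
        if src_zone == dst_zone and src_zone != "unknown":
            continue
        if (src_zone, dst_zone, port) not in ALLOWED:
            violations.append((src, dst, port, src_zone, dst_zone))
    return violations

# Constructed flow records (src, dst, dst_port), as a firewall or sensor might log.
SAMPLE_FLOWS = [
    ("10.10.4.7", "10.20.0.5", 443),   # user -> web, allowed
    ("10.20.0.5", "10.30.0.9", 8443),  # web -> app, allowed
    ("10.20.0.5", "10.40.0.3", 5432),  # web -> db, skips the app tier
    ("10.10.4.7", "10.40.0.3", 22),    # user workstation -> db host
    ("10.30.0.9", "10.40.0.3", 5432),  # app -> db, allowed
]

if __name__ == "__main__":
    for v in audit_flows(SAMPLE_FLOWS):
        print("policy violation: %s -> %s port %d (%s -> %s)" % v)
```

Any flow the audit reports is either a missing firewall rule or traffic that an IDS/IPS sensor near the critical asset should alert on.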
Timeline to complete such a design
1. Week 1-4: These weeks will be used for planning how the project will proceed and for its
design.
2. Week 5-12: This is where we start implementing security measures to prevent a
recurrence of the incident in 2014. In these weeks we start by deploying and
configuring our multi-factor authentication.
3. Week 13-18: We plan and implement our network segmentation.
4. Week 19-24: IDS/IPS deployment and configuration.
5. Week 25-30: Incident response planning, implementation and testing.
The 2014 JP Morgan Chase cyberattack has made us realize the importance of having a
robust and foolproof system. Although a system cannot be 100% secure, this incident
shows that you should have security measures put in place for continuous monitoring
and improvement. This report has highlighted the mistakes and given some ways
through which the organization can bounce back from a catastrophic event, alongside a
timeline.