According to the New York Times, the JPMorgan breach “might have been thwarted if the bank had installed a simple security fix to an overlooked server in its vast network.” And what fix was that?
Two-factor authentication. With this type of security, a user is required to produce two factors of authentication. One could be a password and another could be a dynamically produced PIN number.
This appears to tell us that a major American bank was breached because they exposed a console login on a public network and someone ran a dictionary attack against it.
This means they never picked up thousands of failed login attempts on that server. And it means an unguarded and “overlooked” computer had access to their private network. Just wow.
Later we find another interesting morsel in that article.
It is not clear why the vulnerability in the bank’s network had gone unaddressed previously. But this summer’s hack occurred during a period of high turnover in the bank’s cybersecurity team with many departing for First Data, a payments processor.
Your JoeDog is not suggesting it was an inside job by disgruntled employees, rather it looks like JPMorgan-Chase was a shitty place to work.