Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Hacking the AIS
Technological advancements have predisposed many businesses across the globe to challenges related to system manipulation and hacking. Connectivity technology and the internet have eliminated almost all communication barriers that businesses and individuals faced previously. Some of the dangers and risks associated with these advancements include an increase in cyber criminals who invade into the private databases of companies and individuals. For this assignment, I will focus on JP Morgan hacking. This company is the most recent example of how a serious data breach can cause harm to not only the business but to also millions of individuals. The essay discusses the responsibility of the software provider in ensuring that the entity and its customers are guaranteed that their information is protected. Some of proposals are given for businesses such as JP Morgan so that they can ensure that their systems cannot be manipulated in future.
Background Information on JP Morgan
On October 2014, JPMorgan became a victim to cyber criminals when its systems were hacked. The incident was recorded as the largest theft of customer information from an American bank ever to happen in the US. When they broke into its computer systems, they exposed personal data of over 83 million accounts. The exposed data contained customer addresses, names, emails and phone numbers. The hackers entered the database via a compromised app which belongs to the company. This affected present account holders, former account holders, and individuals who had entered their contact details at the company’s mobile and online sites.
Company’s Level of Responsibility in Responding to the Security Breach
JPMorgan could have thwarted the data intrusion by installing a simple security fix to a server, which had been previously overlooked. The company spends huge amounts of money on computer security to protect against complex attacks like this one. However, JPMorgan seems to have ignored its responsibility. The attack started when the hackers stole the login details of one employee. This is the point at which the company could have countered the attack. A double authentication scheme called two-factor authentication could have been installed to prevent access to employees’ computers. Two-factor authentication demands a second one-time password for the user to access a protected system. Apparently, JPMorgan ignored to upgrade one of their network servers using the dual password system. This rendered the institution vulnerable to the attackers. The biggest problem is that...
At JPMorgan, this has been a cause for alarm as it is still common for names of acquired firms to pop up in search engines.
The Level of Responsibility When Third-Party Accounting System is Used
The software provider shares equal responsibility as the company affected. It was the vendor’s responsibility to build a secure network by limiting chances of being compromised by outsiders. The vendor should have prevented the attack by implementing a compartmentalized remote access method, and the hacking would have been much less serious. Also, the vendor should have detected and blocked unauthorized remote access technologies. Today, there are many digital remote access devices, which the vendor should have taken advantage of. In the case of JP Morgan, the vendor used the same port. It is their responsibility to block any unauthorized by using emerging devices such as next-generation firewalls (NGFWs) or Web filters. Usually, these methods contain upgraded applications like remote access devices which the vendor could easily blacklist. Moreover, the vendor could have tuned JP Morgan’s intrusion detection systems (IDSes) to detect such connections and alert those being initiated from within the network perimeter (In Bryant, 2016).
Additional Regulation as a Preventative Measure against Hacked Businesses
Businesses are operating in a new era of cybercrime, which threatens all machines and every internet-connect devices that companies rely on (In Bryant, 2016). The truth is that additional regulation is needed as a preventive measure against businesses being hacked. In a post-cybercrime world, no company can declare itself as wholly secure from hacking. However, they rely on some software flaws that cybercriminals have been using for years. This means that the country should get better at preventing cyber-attacks. The sad point is that companies are not motivated enough to step up their security practices even in the midst of news on attacks targeting some of the biggest corporations. In this view, the only way to prevent businesses from being hacked is through additional regulation.
The JP Morgan data breach exposed personal information of over 83 million customers. The available response measures seem to be inaccurate. The country should introduce a set of cyber security regulations requiring that each bank and financial institution must employ a chief information security officer (CISO)…
References
Rajagopal, ., & Behl, R. (2016). Business analytics and cybersecurity management in organizations. Hershey: Business Science Reference.
Phys.org, (November 10, 2015). JP Morgan Chase breach was among the biggest in recent years. Phys.org - Science and Technology News, 2015-11.
In Bryant, M. (March 10, 2016). How to stay ahead of cybercriminals in the data breach era. Thenextweb.com, 2016-3.
It was from Pecora's hearings that many of the standards and regulations affecting the financial industry emerged, and continue to govern the way the 'street' does business today. It was also the time of the Glass-Steagall Act. The roaring twenties gave way to the Depression Era of the 1930's and still J.P. Morgan bore the standard for financial firms on Wall Street. The firm was the first one to be investigated
JP Morgan Chase Role of administrative agencies The securities and the banking system of a country are known to be one of the strongest and the most important foundations of an economy. To ensure that these systems do not move into negative or loss making territories, the government of a country requires keeping a check and control over the functions and operations of entities that are part of these securities and banking
JPMorgan Chase, in 2012, announced one of the greatest losses through high-risk gambles in securities investments, which are an essential foundation of the U.S. economy. The incidence that occurred in the summer of 2012 resulted in an estimated of $5.8 billion loss in one of the country's biggest banks. The bank's chief investment officer, Jamie Dimon, announced the loss in May 2012. The losses, according to the CIO, resulted from
JPMorgan Chase, the biggest bank in the United States, incurred enormous losses in the summer of 2012 from investment decisions made by its Chief Investment Officer (CIO) worth $5.8 billion. While JP Morgan was the only major profitable bank during the recent economic downturn, the recent losses contributed to intense criticisms since its Chief Executive Officer, Jamie Dimon, opposed stricter regulation in the aftermath of the 2008 economic crisis. However,
Managers at businesses and organizations all over the United States collect and store information. It can be with tangible documents via filing cabinets, or digitally via networked servers. They may even rent "cloud" space to safeguard and keep vast volumes of personal information. Despite the growing occurrence of data breaches affecting private, public, and nonprofit organizations, the majority of organizations and businesses admit knowing too little concerning the consequences and
However, cursory studies that have been conducted are either biased because they seem to present a biased review of certain products or are insufficient because of their limitations and shallowness. Those studies that have been considered to be useful are mentioned below. Robert D. Boerner, Joanne Bourquard, Pam Greenberg (2000) comprehensively elaborates the legal aspect of spam. He provides an in-depth review of the present laws in actions and the