JPMorgan repels 45 billion cyber attempts a day, says exec The Register

The largest bank in the United States repels 45 billion - yes, with a B - cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos.
Mary Callahan Erdoes, JPMorgan Chase's CEO in charge of asset and wealth management, revealed the figure during a discussion of the future of banking at Davos yesterday, adding that the number is twice what the institution faced a year prior.
JPMorgan Chase, the largest US bank by market cap, claims to have 62,000 technologists working to protect corporate assets - a figure Erdoes claims tops the engineer count at Google or Amazon.
OK, here's where we bring this back down to Earth: Yes, 45 billion is a lot.
That's an average of 521,000 per second per day.
We all know that is going to be mostly port scans, automated checks for known vulnerable services, and similar chaff.
It's not going to be 45 billion fully formed attacks per day; it's more of an indication of the amount of traffic being thrown at JPMC's network boundaries.
We imagine the bank's biggest worry, or one of them, isn't the volume of poking it's getting, it's that the wave after wave of connections may be masking more sophisticated and tangible attempts to break into its networks.
It's a tactic crooks use: distract IT admins with loads of suspicious-looking traffic while sneaking in round the back via some quiet vulnerable service or a spear-phishing email.
A big challenge will be determining out of all the scans and prodding the actual legit intrusion attempts.
That all said, it's not a surprise that JPMorgan Chase, with its high profile in one of the sectors most targeted for cyberattacks, faces so many probings and prodding: There's a lot of money to be siphoned from the financial giant, which reported $3.9 trillion in assets as of Q4 [PDF] last year.
A report from the Bank of England further solidifies the perceived risk of cyberattacks in the banking world, with such incidents topping the list of what bank executives see as their top threats and greatest challenges.
Even epic levels of investment in people and tech haven't been enough for institutions like JPMorgan, however.
JPMC was ordered to face a lawsuit in January 2023 filed by a subsidiary of eyewear megafirm EssilorLuxottica, who alleged the bank was negligent in ignoring signs of fraud.
That negligence, the complaint states, allowed cyber crooks to make off with $272 million in funds from Essilor's manufacturing arm over the course of 243 fraudulent transactions.
Beyond lapses of judgement that allow fraud to proliferate, JPMorgan Chase has also made internal technical mistakes that have cost it millions - an admittedly small number for a firm that had a net income of $9.3 billion in the fourth quarter of last year.
The SEC in June fined the company $4 million for deleting millions of emails, meaning the bank was unable to hand over communications the SEC subpoenaed in a dozen regulatory investigations.


This Cyber News was published on go.theregister.com. Publication date: Thu, 18 Jan 2024 19:43:05 +0000


Cyber News related to JPMorgan repels 45 billion cyber attempts a day, says exec The Register

JPMorgan repels 45 billion cyber attempts a day, says exec The Register - The largest bank in the United States repels 45 billion - yes, with a B - cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. Mary Callahan Erdoes, JPMorgan Chase's CEO in charge of asset and wealth ...
9 months ago Go.theregister.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
9 months ago Securityzap.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
8 months ago Cyberdefensemagazine.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
9 months ago Scmagazine.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Wargames director Jackie Schneider on why cyber is one of 'the most interesting scholarly puzzles' - In other games, we had people from Silicon Valley who were leading AI companies or cyber companies. What we found is those who had expertise in cyber operations were more likely to be more nuanced about how they used the cyber capability. On a larger ...
5 months ago Therecord.media
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
6 months ago Cyberdefensemagazine.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
10 months ago Techrepublic.com
IT Professionals in ASEAN Confronting Rising Cyber Security Risks - The ASEAN region is seeing more cyber attacks as digitisation advances. In July 2023, the Association of Southeast Asian Nations officially opened a joint cyber security information sharing and research centre, or Cybersecurity and Information Centre ...
11 months ago Techrepublic.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
10 months ago Techtarget.com
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
10 months ago Securityboulevard.com
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too - An increase in cyber-insurance claims in 2023, driven by a more active threat landscape, will likely mean that last year's price plateau in cyber-insurance premium costs will be short-lived, according to industry experts. While premium costs fell by ...
9 months ago Darkreading.com
CVE-2021-47146 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 month ago Cyberdefensemagazine.com
Meet Your New Cybersecurity Auditor: Your Insurer - As businesses deal with the fallout of massive ransomware waves, from Lapsus$ to Cl0p/MOVEit, an unlikely new entity is joining the regulatory bodies to raise the bar for cybersecurity: the cyber insurer. Their coverage requirements and ...
11 months ago Darkreading.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine - Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari. Actively Exploited Apple yesterday described the vulnerability as something an attacker could exploit to execute arbitrary code on affected systems. ...
9 months ago Darkreading.com
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
5 months ago Securityaffairs.com
Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report - To illuminate the evolving digital threat landscape and help the cyber community understand today's most pressing threats, we released our annual Microsoft Digital Defense Report. This year's report focuses on five key topics: cybercrime, ...
1 year ago Csoonline.com
Avoid high cyber insurance costs by improving Active Directory security - Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and ...
7 months ago Bleepingcomputer.com
Mississippi Creates New Cyber Unit and Names First Director - The state of Mississippi has recently announced the creation of a new dedicated cyber security unit, as well as the naming of its first director. The Mississippi Cyber Security Unit, headed by Director Kelly Hurst and backed by the Mississippi Office ...
1 year ago Securityweek.com
The Evolution of Cyber Threats: Past, Present, and Future - Cyber threats have evolved significantly over time, posing increasing risks to individuals, organizations, and governments in our interconnected world. Let's explore the past, present, and future of cyber threats to better understand how to protect ...
9 months ago Securityzap.com
Classes cancelled as 'sinister' school cyber-attacks rise - BBC. Cancelled lessons and snaking lunchtime queues are among the ways pupils are being affected by an increasing number of cyber attacks on schools. New figures from the Information Commissioner's Office show 347 cyber incidents were reported in the ...
5 months ago Bbc.com
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
1 month ago Darkreading.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)