CMGT 400 – Security Threat Assessment
Security Threat Assessment
CMGT/400
January 29, 2013
Vijay Jonnalagadda

Introduction
The purpose of this paper is to describe potential risks and security threats faced today at Chase Bank, one of the world's largest banking institutions. The author will describe potential risks associated with the information and the related vulnerabilities within the banking organization, and will identify the forces that drive each threat and the related vulnerabilities presented by each threat.
DDoS Attacks
One of the most prevalent risks that JPMorgan Chase faces today is organized Distributed Denial of Service (DDoS) attacks against its online customer site. A DDoS attack is an attempt to make a website or network unavailable to its intended users. According to “DDoS Attacks Against U.S. Banks Peaked At 60 Gbps” (2012), “A group calling itself ‘Izz ad-Din al-Qassam Cyber Fighters’ launched a series of DDoS attacks against the websites of several U.S. banks during September and October (2012), severely disrupting online and mobile banking services for extended periods of time.” These DDoS attacks happened in late 2012, and the group has promised more attacks against U.S. banking institutions, including JP Morgan Chase.
For more about this and other DDoS attacks, see “DDoS Attacks Against U.S. Banks: An Unprecedented Threat In America.”
The Government’s DDoS Scenario
According to the FBI, the Government’s DDoS Scenario is the most extreme of any known attack plan. The FBI defines an attack plan as:
an attack plan “stylized by computer-assisted targeting of computer network traffic and other networks, as described above, where specific, identifiable, or identifiable characteristics (e.g., names, addresses, biometrics, or telephone numbers) for the purpose of gaining access to Internet traffic from a non-targeted Web page are provided.”
A “targetable” Web page is any site that, by its nature or content, has links to other websites of a “group” or “organizations”, a reference to groups or groups of websites, in which the attack website links to other websites.
The Government’s DDoS Scenario is “not necessarily an attack plan designed to generate a large, centralized global or national market, but rather an approach based on the fact that a user engages with other web applications on the Internet, often in ways other than Internet traffic.”
The FBI says, “As we have always been trained to anticipate, an attack may also target a web browser with a broad geographical range than a particular individual Internet traffic. In that manner, an attacker could also use the Internet to attack online or mobile banking services or other businesses, and also those used by those entities to obtain sensitive economic information. A high degree of sophistication in these tactics may make the type of attack most likely.”
In 2012, the Department of Justice announced that it was issuing new cyber defenses against all types of DDoS attacks.
One new law, the National Domestic Cybersecurity Act of 2012, lays out the broad outlines of the DDoS attack plan described by the FBI, including the following:
• the FBI takes the unusual step of requesting that organizations notify the agency of an attack against them.
• “All organizations, or any entity, are asked to inform the FBI of an attack in order to protect their business operations and ensure continued service and innovation for their customers. If notified, the organizations should immediately cease all activity against any of their customers or to provide additional notice.”
• a letter written to the Director of National Intelligence, stating: “Our Government has the utmost confidence in your ability to protect your customer, and your business operations, critical for the continued success of our mission in cyberspace!”
• at least $9 billion in funding over the next five years is already available under the Cyber Intelligence Appropriations Act of 2001 for
DDoS attacks are getting more and more serious to the point that Arbor Networks has speculated about the possibility of a “DDoS Armageddon”. They are referring to a DDoS attack so huge that it can possibly take down the entire internet. JP Morgan Chase will need to continue to assess the risk of DDoS attacks and continue to protect its sites from them.
It has been stated that there is no risk to customer information from DDoS attacks; however, the availability of the customer website is a huge concern for the company. There is also a possibility of a group using a DDoS attack as a smoke screen for hacking customer accounts. In other words, the DDoS attack can be used as a distraction while real damage is being done. The FBI has warned the public to be aware of DDoS being used in this manner. It's possible that while a DDoS attack is happening, money can be wired out from the bank, and the DDoS attack can prevent the funds from being wired back before being funneled elsewhere.
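The smoke-screen risk described above suggests a simple control: hold outbound wires that are initiated while the site is under attack. The following is an added example, not part of the original paper; the traffic samples, wire records, field names and thresholds are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: per-minute request counts for the customer site.
TRAFFIC = [
    ("2013-01-15T14:00", 1200), ("2013-01-15T14:01", 1350),
    ("2013-01-15T14:02", 48000), ("2013-01-15T14:03", 51000),
    ("2013-01-15T14:04", 47000), ("2013-01-15T14:05", 1400),
]
# Constructed sample data: outbound wire transfers (hypothetical fields).
WIRES = [
    {"id": "W1", "time": "2013-01-15T13:40", "amount": 25000, "new_beneficiary": True},
    {"id": "W2", "time": "2013-01-15T14:03", "amount": 90000, "new_beneficiary": True},
    {"id": "W3", "time": "2013-01-15T14:04", "amount": 500, "new_beneficiary": False},
    {"id": "W4", "time": "2013-01-15T14:12", "amount": 40000, "new_beneficiary": True},
    {"id": "W5", "time": "2013-01-15T15:30", "amount": 60000, "new_beneficiary": True},
]

def attack_windows(traffic, baseline=2000, factor=10):
    """Merge consecutive minutes whose request count exceeds factor * baseline."""
    windows, start, last = [], None, None
    for stamp, count in traffic:
        t = datetime.fromisoformat(stamp)
        if count > baseline * factor:
            start = start or t
            last = t
        elif start is not None:
            windows.append((start, last))
            start = None
    if start is not None:  # traffic log ended while still under attack
        windows.append((start, last))
    return windows

def wires_to_hold(wires, windows, grace=timedelta(minutes=15), min_amount=10000):
    """Return ids of large wires to new beneficiaries sent during an attack
    window or within the grace period after it, for manual review."""
    held = []
    for w in wires:
        t = datetime.fromisoformat(w["time"])
        during = any(s <= t <= e + grace for s, e in windows)
        if during and w["new_beneficiary"] and w["amount"] >= min_amount:
            held.append(w["id"])
    return held

if __name__ == "__main__":
    print(wires_to_hold(WIRES, attack_windows(TRAFFIC)))
```

The grace period matters because the paragraph's concern is recall time: a wire sent just after the flood subsides is still hard to reverse while staff are occupied with recovery.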
Phishing and Malware
Phishing is defined as “The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.” Phishing has become more and more sophisticated and attempts