JumpCloud Says Nation-State Hackers Hit Specific Customers

Uploaded on 2023-07-31 in FREE TO VIEW

US-based enterprise software firm JumpCloud says it was cyber hack attacked by advanced nation-state actors, which has been attributed to North Korean hackers.

The hackers breached company systems in search of specific customer data. The attack kicked off on June 22 with a spear-phishing campaign that provided the attackers with access to JumpCloud’s infrastructure.

The company discovered the incident on June 27, one week after the attackers breached its systems via a spear-phishing attack.

“We have also been working with our Incident Response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated,” says Bob Phan at JumpCloud.

The company reset customer API keys on July 5 to combat the nation-state-sponsored threat actors and notified the small group of customers impacted by the breach.

An internal investigation revealed the attackers injected data into the company’s commands framework. The attack vector has since been secured.

JumpCloud stated that the strongest defense against sophisticated adversaries is through collaborative information sharing.

JumpCloud provides single sign-on, multi-factor authentication, and other cloud and device security solutions to more than 180,000 organisations.

The company notified law enforcement and released a list of indicators of compromise to aid other organisations.

“We will continue to enhance our own security measures to protect our customers from future threats and will work closely with our government and industry partners to share information related to this threat,” Phan said.

"These are sophisticated and persistent adversaries with advanced capabilities," Phan said. JumpCloud has not published the name and the origins of the group allegedly responsible for the incident.

Oodaloop:     Security Week:     Reversing Labs:     Bleeping Computer:     Jumpcloud:     Tech Crunch:     The Hacker News:     Oodaloop:     Security Week

 

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Shell Confirms Supply Chain Attack
US Intel Leaders “It’s time to be Data Serious” »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Fuel Recruitment

Fuel Recruitment

Fuel Recruitment is a specialist recruitment company for the IT, Telecoms, Engineering, Consulting and Marketing industries.

Nuix

Nuix

Nuix specialise in extracting knowledge from unstructured data. Applications include Digital Forensics, Cybersecurity Intelligence, Information Governance, eDiscovery.

Spambrella

Spambrella

Spambrella provides email security with real-time threat protection. 100% SaaS (nothing to install)

StoneFly

StoneFly

StoneFly offers High Availability, high performance cluster and scale out storage, and backup and disaster recovery appliances.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Variti

Variti

Variti Intelligent Active Bot Protection technology — traffic analysis, detection and stopping of malicious bots in real-time and effective response to DDoS attacks.

BATM Advanced Communications

BATM Advanced Communications

BATM Advanced Communications is a leading provider of real-time technologies for networking and cyber security solutions.

Redpoint Security

Redpoint Security

Redpoint Security is an application security consulting firm that is focused on all aspects of code security.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

Microminder Cyber Security

Microminder Cyber Security

Microminder Cyber Security are innovators, advisors, strategists committed to solving your cyber security challenges.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

PyNet Labs

PyNet Labs

PyNet Labs is a Training Company serving corporates as well as individuals across the world with ever-changing IT and technology training.

Surf Security

Surf Security

SURF Security has transformed the browser into your strongest security asset while providing complete end-user privacy – all with full compliance.

Qodea

Qodea

Qodea (formerly Appsbroker CTS) is Europe's largest Google Premier only transformation partner.