JumpCloud Says Nation-State Hackers Hit Specific Customers

US-based enterprise software firm JumpCloud says it was attacked by advanced nation-state actors. The attack has been attributed to North Korean hackers.

The hackers breached company systems in search of specific customer data. The attack kicked off on June 22 with a spear-phishing campaign that provided the attackers with access to JumpCloud’s infrastructure.

The company discovered the incident on June 27, one week after the attackers breached its systems via a spear-phishing attack.

“We have also been working with our Incident Response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated,” says Bob Phan at JumpCloud.

The company reset customer API keys on July 5 to combat the nation-state-sponsored threat actors and notified the small group of customers impacted by the breach.

An internal investigation revealed the attackers injected data into the company’s commands framework. The attack vector has since been secured.

JumpCloud stated that the strongest defense against sophisticated adversaries is collaborative information sharing.

JumpCloud provides single sign-on, multi-factor authentication, and other cloud and device security solutions to more than 180,000 organisations.

The company notified law enforcement and released a list of indicators of compromise to aid other organisations.

“We will continue to enhance our own security measures to protect our customers from future threats and will work closely with our government and industry partners to share information related to this threat,” Phan said.

"These are sophisticated and persistent adversaries with advanced capabilities," Phan said. JumpCloud has not published the name or the origins of the group allegedly responsible for the incident.
