SoylentNews
SoylentNews is people
https://soylentnews.org/
Title | | Target Had Multiple Chances to Stop Card Breach |
Date | | Friday March 14 2014, @11:31PM |
Author | | janrinok |
Topic | | |
from the oops-that's-not-the-way-it's-meant-to-work dept. |
https://soylentnews.org/article.pl?sid=14/03/14/1847240
GungnirSniper writes:
"Late last year, US retailer Target had multiple IT failures that led to 40 million credit cards being leaked, and more than $61 million in breach-related expenditures, as well as a significant cut into their holiday profits. Businessweek has a lengthy article laying out the failures, among them:
- Despite installing FireEye's monitoring technology, security administrators disabled FireEye's option to automatically delete malware as it is detected, allowing the unclassified 'malware.binary' through.
- When Target India's team received the first critical alert from FireEye, they notified the security team at Target's Headquarters in Minneapolis, Minnesota, USA, but the report was ignored or simply no action was taken on it.
- Additional critical alerts were generated, but apparently no action was taken on them, allowing updated malware through.
- Symantec Endpoint Protection detected odd behavior on the same server as detected by FireEye, but this did not raise concern.
- The initial illicit access was gained by an outside vendor's stolen credentials, which should not have given as much network access as it did.
Though the data was copied through a few hops in the US, it ultimately was traced to Russia. Analysis the binaries shows the malware itself was unsophisticated, and included a possible hacker's alias in the 'exfiltration code.'"
- "GungnirSniper" - http://soylentnews.org/~gungnirsniper
- "Target" - https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca
- "Businessweek has a lengthy article laying out the failures," - http://www.businessweek.com/printer/articles/189345-missed-alarms-and-40-million-stolen-credit-card-numbers-how-target-blew-it
© Copyright 2024
- SoylentNews, All Rights Reserved
printed from SoylentNews, Target Had Multiple Chances to Stop Card Breach on 2024-05-24 04:47:56