Team 2 Assignment #1
Eric Andrews, Helena Bergmann, Greg Fairchild, Harold Francis, Bryan Frank, Erik Schott
CSEC 620 9045
Professor McDavid
TABLE OF CONTENTS
1: Introduction……………………………………………………………………3
2: Target……………………………………………………………………….….3
2.1: Mission and Attacks………………………………………………………...3
2.2: Possible actors and cultural factors…………………………………………4
2.3: Policy and Regulation……………………………………………………….6
3: Neiman Marcus…………………………………………………………………8
3.1: Mission and Attacks…………………………………………………………8
3.2: Possible actors and cultural factors………………………………………….10
3.3: Policy and Regulation……………………………………………………….11
4: Home Depot…………………………………………………………………….12
4.1: Mission and Attacks…………………………………………………………12
4.2: Possible actors and cultural factors………………………………………….13
4.3: Policy and Regulation……………………………………………………….15
5: Conclusion………………………………………………………………………16
6: References………………………………………………………………………17
.
1: Introduction
2014 was a banner year for cyber attacks against major retailers. Cyber attacks on Target, Home Depot, and Neiman Marcus were responsible for exposure of account information of millions of unsuspecting customers. These attacks were carried out through the introduction of malware into the local area network of these retailers through the point of sale terminals located at the checkout counters. In this paper, we will discussion the mission of these companies, the method the attackers used to gain access to the accounts, the culture of the threat actors, and the policies that lead to this failure to secure networks against possible attacks.
2: Target
2.1: Mission and Attacks
“Our mission is to make Target your preferred shopping destination in all channels by delivering outstanding value, continuous innovation, and exceptional guest experiences by consistently fulfilling our Expect More. Pay Less.® brand promise” (Target Mission, Values & Stories Behind Them, n.d.).
The Target attack was one of the largest cyber attacks on a retailer. Target was attacked with malware that stole credit and debit card information. The estimation is that, during the attack, the criminals were able to steal approximately 40 million credit card numbers (Krebs, 2014). The credit card numbers would then be used to make clone cards, or the numbers would be sold on various underground websites. The attack was a continuation of other recent attacks on retailers such as Home Depot and TJ Max. What makes the attack interesting is that it originated from a third-party vendor.
Access was gained into the Target network by using a third-party vendor. An HVAC company located in Pennsylvania was given permission to access Target's systems remotely. Although there is some debate if the HVAC company were given access to monitor the environmental controls or for billing reasons, what is not debated is that the hackers stole the credentials and sign-in for the HVAC company, using it to gain access to Target's systems (Krebs, 2014). These types of attacks are becoming more common. Third-party vendors tend to have less-robust security systems in place but are given access to large organizations. Target's systems were not segregated; access to one system allowed the hackers the ability to access other systems. Even following PCI standards, retail systems are still viewed as outdated against current threats (Zetter, 2014). The direct impact on Target was a downturn in customer traffic to their stores and a significant loss of revenue since the attack occurred during the critical holiday shopping season. Target is looking at losses related to the data breach at several hundred million dollars (Ziobro, 2014). If it's clear that Target ignored signs of an attack and didn’t implement proper security, they will have to deal with further liability issues, lawsuits and fines.
2.2: Possible Actors and Cultural Factors
After the fall of Soviet Union, the Eastern