Six Failures of Target’s Non-Compliance

Ira Winkler is a very well-known champion in the security arena who is super busy, and he still found time to write this article on ComputerWorld regarding the 6 Failures of Target.

To summarize the article: there wasn’t just a single point of failure.

  1. The network was not properly segregated, so PCI and non-PCI systems were commingled, which let someone without a need to know (the HVAC contractor) reach PCI systems.
  2. Once logged in, the attacker(s) probed the network, activity that an IDS would have been able to detect or at least log.
  3. Analysis shows the POS systems were infected worm-style; network monitors should have picked that up.
  4. POS systems support whitelisting; since malware still ran, whitelisting was not enabled.
  5. To get the information out of Target, systems were hacked to store the information that was being stolen, and
  6. Network lines weren’t monitored by DLP while the stolen data was transmitted out.

 
