Monday, March 17, 2014

Why major companies fail to act on malware threats.

Destructive data breaches hit companies all the time.  Last year, Target was hit and exposed 40 million credit and debit cards along with 70 million customers personal data.


The malware installed on Target’s (TGT) security and payments system was designed to steal every credit card used at the 1,797 U.S. stores.

Target has acknowledged that the breach could have been avoided if they paid closer attention to alerts generated by their security monitoring tools.

Targets credit card payment system is still out-of-date.  The systems aren’t able to pull up your account to tell you how much money you owe on your monthly statement.

Target is not the only one with an out dated system that is subjected to  high security risks.  More than 90 lawsuits have been filed against Target by customers and banks for negligence and compensatory damages.

Often, companies deploy security technologies with default alerts, resulting in many false positive warnings, Joe Schumacher, a security consultant for Neohapsis added.

Many alarms are overlooked because sometimes it doesn’t mean anything bad is happening.  Sometimes a security alert shows their have been inappropriate actions, which happen very often.

Six months before the breach, Target installed a network monitoring tool security vendor FireEye that alerts the security personnel of malware on its networks.  The tool has cost Target $1.6 million, but that’s only a fraction of how much damage could have been caused by the considerable compromise.  They spent $61 million responding to the breach through Feb.1, 2014.

Target’s profit for holiday spending fell 46% from the same quarter the year before.

The FireEye system could have been configured to automatically remove the threat.  The software was new and untested at Target, and the feature was not activated.


Target fell short on the process and policies.  Many companies don’t take security as seriously as they should.  A highly secured network can cost companies millions of dollars.  Dollars they sometimes would like to spend elsewhere.

In this instance, the breach could have been automatically stopped.  The system’s option to automatically delete malware as it’s detected was turned off by Target’s security team.

If Target’s security team had followed up on the earliest FireEye alerts, it could have been right behind the hackers on their escape path.

The malware uncovered user names and passwords for the hackers to embed the code on their servers.
It’s unfortunate to know that this could have been easily avoided.  Maybe the security team was focused on some other security alert, or maybe they just didn’t see the alert as important.  Maybe the security team underestimated the severity of a simple malware warning message.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Major companies, like Target, often fail to act on malware alerts – Computer World

Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It – Bloomberg Business Week Technology

No comments:

Post a Comment