Tag Archives: malware

Cyber Attack

A few days before Thanksgiving 2013, someone installed malware in Target’s security and payment network. It was devised to take possession of all information by means of a cyber attack related to every credit card used at the company’s 1,797 U. S. stores.

The hackers gained control of a Target server. As Christmas gifts were scanned and packaged, the moment the cashier asked for a swipe of the customer’s credit card, the malware was activated. The cyber attack had begun.  the credit card number was captured and stored for the hackers.

It is considered the largest credit card breach and cyber attack in  U. S. history since the breach discovered in 2007 involving retailer T. J. Maxx and roughly 45 million card users.

Six months earlier, FireEye, the computer security firm, had begun installing a $1.6 million cyber attack detection tool for Target. The CIA and the Pentagon are some of FireEye’s clients. Security specialists in Bangalore were supposed to monitor Target’s computers 24 hours a day. Anything suspicious noticed by the Bangalore security centre was supposed to be reported to the security operations centre in Minneapolis.

Only after the hackers had planned an escape route for the safe-keeping of the data, did FireEye spot the breach and send a cyber attack alert. It was too late. Details of the credit cards had been moved to various locations in the U. S. to cover tracks and then finally to Russia. Target stood by as 40 million credit card numbers and 70 million addresses, phone numbers and email addresses poured out of Target’s mainframe.

According to media reports, credit and debit card accounts stolen are being sold on underground black markets for anywhere from $20 to more than $100 per card, reports KrebsOnSecurity, a security news website.

Target announced in January 2015 that it was closing all 133 of its stores in Canada. This resulted in the retrenchment of more than 17, 000 workers. Earlier in March this year another 1,700 workers were laid off at its headquarters and 1,400 open positions were slashed.

Documents show that hacking victims could get as much as $10,000 each. The proposed settlement requires that the Target Corporation put into force certain security policies within 10 days of the settlement becoming effective. These include:

  • The appointment of a chief information security officer.
  • Have in its possession a written information security program, which specifies potential security risks. Furthermore, the company must develop metrics to measure the security of its systems.
  • The company must educate workers about the importance of safeguarding personal identifying information.

In order for hacking victims to be paid they have to have experienced at least one of the following:

  • Unauthorised, unreimbursed charges on their credit or debit card.
  • Spent their own time attending to charges.
  • Paid fees to hire somebody to correct a report.
  • Paid higher interest rates or fees on accounts.
  • Spent funds buying credit reports.
  • Paid to replace identification, Social Security number or phone number.

More than 90 lawsuits have been filed against Target by customers and banks for negligence and compensatory damage. With the approval of a federal court, Target will deposit a settlement amount into an interest bearing escrow account. With the approval of a federal court, according to the 97 page settlement.

A recent survey by the Ponemon Institute revealed the average cost of cybercrime for U. S. retail stores more than doubled from 2013 to an annual average of $8.6 million per company in 2014. The annual average cost per company of successful cyber attacks increased by $20.8 million in financial services. An amount of $14.5 million in the technology sector.  In addition $12.7 million in communications industries.

This survey lists known cyber attacks on private U. S. companies since the beginning of 2014. By its very nature, a list of this sort is incomplete. The scope of many attacks is not fully known. For example, in July, the U. S. Computer Emergency Readiness Team issued an advisory that more than 1,000 U. S. businesses have been affected by the Backoff malware, which targets point-of-sale (PoS) systems used by most retail industries. (Backoff scrapes memory from running processes on targeted devices, and has therefore been planted on retailers’ PoS systems by criminals desiring to pilfer consumer credit data.

The list includes only cyber attacks that have been made known to the public. Most companies encounter multiple cyber attacks every day, many unknown to the public and many unknown to the companies themselves.