|By PR Newswire||
|August 28, 2014 03:12 AM EDT||
TEL AVIV, Israel, August 28, 2014 /PRNewswire/ --
In December 2013, Target announced one of the retail industry's largest breaches, impacting 70 million customers and totaling 40M credit cards stolen. The financial damages to Target currently stand at $148M, and according to analyst forecasts are estimated to reach $1B. Today, cybersecurity firm, Aorato, released "The Untold Story the Target Attack; Step-by-Step" report, which carefully analyzes the publicly available report on the Target breach to provide a comprehensive view of the full Target story, while also highlighting pertinent insights into Tactics, Techniques and Procedures (TTPs) of the attackers. While much of the attack was made public, there are still key questions that have not been answered - until now.
"The Target Attack of 2013 is one of the most discussed and studied attacks of our time. Unfortunately, despite the flurry of public attention to the incident, key questions are still left unanswered, leaving many retailers, hoping to mitigate these issues for the future, in the dark," said Tal Be'ery, VP Research at Aorato. "Specifically, how did the attackers reach into the heart of Target's network, the POS (Point-of-Sale) system from their initial penetration point? Second, how were 70M users' "Personally Identifiable Information" (PII) exposed? Aorato's newest report uncovers the answers to these looming industry questions."
Generally speaking, the Target attackers largely followed the general APT "kill chain" attack model. However, the Target attack presents unique nuances to the model. These nuances stem from the fact that operations aiming to steal credit cards are inherently different from classic APT operations aimed at intelligence gathering and infrastructure sabotage. The main difference is that credit card-oriented attacks are bound to be revealed in a relatively short time as the monetization path of the attackers must include massive usage of the stolen credit cards that will get detected by the credit cards vendor's fraud departments.
Main Recommendations to Retailers Storing Credit Card Information:
- Place security and behavioral monitoring controls around Active Directory as it is involved in nearly all stages of the attack
- Monitor and profile access patterns to systems to identify abnormal and rogue access patterns
- Monitor for signs of reconnaissance and information gathering. Pay special attention to excessive and abnormal LDAP queries
- Don't rely on Anti-Malware solutions as a primary mitigation measure since attackers mostly leverage legitimate IT tools
- Invest in PCI-Compliance
- Participate in Retail Information Sharing and Analysis Center (R-ISAC) and Retail Cyber Intelligence Sharing Center (R-CISC) groups to gain valuable intelligence on retail attackers' Tactics, Techniques and Procedures (TTPs)
To read more about this report, read here: http://www.aorato.com/blog/untold-story-target-attack-step-step/
To learn more about Aorato, please visit: http://www.aorato.com
Aorato protects organizations from advanced attacks. Recognizing Active Directory's pivotal role in the network, Aorato's flagship product, DAFTM, automatically learns the behaviors of all entities engaging directly, or indirectly, with Active Directory. By profiling the entities, DAFTM builds an interaction graph between all entities in order to detect in real-time suspicious entity behavior. Aorato is backed by strategic investors, including Eric Schmidt (Innovation Endeavors), Accel Partners, and the founders of Imperva and Trusteer.
“RackN is a software company and we take how a hybrid infrastructure scenario, which consists of clouds, virtualization, traditional data center technologies - how to make them all work together seamlessly from an operational perspective,” stated Dan Choquette, Founder of RackN, in this SYS-CON.tv interview at @DevOpsSummit at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jan. 17, 2017 01:15 PM EST Reads: 3,493
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
Jan. 17, 2017 12:45 PM EST Reads: 5,512
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Jan. 17, 2017 12:45 PM EST Reads: 5,041
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
Jan. 17, 2017 12:45 PM EST Reads: 3,401
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jan. 17, 2017 12:45 PM EST Reads: 4,351
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togeth...
Jan. 17, 2017 12:21 PM EST
Jan. 17, 2017 12:15 PM EST Reads: 6,231
Jan. 17, 2017 12:15 PM EST Reads: 2,432
Jan. 17, 2017 11:45 AM EST Reads: 1,901
Jan. 17, 2017 11:45 AM EST Reads: 4,171
Jan. 17, 2017 11:45 AM EST Reads: 5,702
Jan. 17, 2017 11:30 AM EST Reads: 1,741
Jan. 17, 2017 11:15 AM EST Reads: 451
Jan. 17, 2017 11:15 AM EST Reads: 557
Jan. 17, 2017 10:45 AM EST Reads: 9,410