Welcome!

News Feed Item

Cybersecurity Firm Reveals Step-by-Step Review of Infamous 2013 Target Attack

Aorato Releases New Research Report that Identifies the Untold Story of the 2013 Target Attack

TEL AVIV, Israel, August 28, 2014 /PRNewswire/ --

In December 2013, Target announced one of the retail industry's largest breaches, impacting 70 million customers and totaling 40M credit cards stolen. The financial damages to Target currently stand at $148M, and according to analyst forecasts are estimated to reach $1B. Today, cybersecurity firm, Aorato, released "The Untold Story the Target Attack; Step-by-Step" report, which carefully analyzes the publicly available report on the Target breach to provide a comprehensive view of the full Target story, while also highlighting pertinent insights into Tactics, Techniques and Procedures (TTPs) of the attackers.  While much of the attack was made public, there are still key questions that have not been answered - until now.  

"The Target Attack of 2013 is one of the most discussed and studied attacks of our time. Unfortunately, despite the flurry of public attention to the incident, key questions are still left unanswered, leaving many retailers, hoping to mitigate these issues for the future, in the dark," said Tal Be'ery, VP Research at Aorato. "Specifically, how did the attackers reach into the heart of Target's network, the POS (Point-of-Sale) system from their initial penetration point? Second, how were 70M users' "Personally Identifiable Information" (PII) exposed? Aorato's newest report uncovers the answers to these looming industry questions."

Generally speaking, the Target attackers largely followed the general APT "kill chain" attack model. However, the Target attack presents unique nuances to the model. These nuances stem from the fact that operations aiming to steal credit cards are inherently different from classic APT operations aimed at intelligence gathering and infrastructure sabotage.  The main difference is that credit card-oriented attacks are bound to be revealed in a relatively short time as the monetization path of the attackers must include massive usage of the stolen credit cards that will get detected by the credit cards vendor's fraud departments.

Main Recommendations to Retailers Storing Credit Card Information:

  • Place security and behavioral monitoring controls around Active Directory as it is involved in nearly all stages of the attack
  • Monitor and profile access patterns to systems to identify abnormal and rogue access patterns
  • Monitor for signs of reconnaissance and information gathering. Pay special attention to excessive and abnormal LDAP queries
  • Don't rely on Anti-Malware solutions as a primary mitigation measure since attackers mostly leverage legitimate IT tools
  • Invest in PCI-Compliance
  • Participate in Retail Information Sharing and Analysis Center (R-ISAC) and Retail Cyber Intelligence Sharing Center (R-CISC) groups to gain valuable intelligence on retail attackers' Tactics, Techniques and Procedures (TTPs)

To read more about this report, read here: http://www.aorato.com/blog/untold-story-target-attack-step-step/

To learn more about Aorato, please visit: http://www.aorato.com

About Aorato  

Aorato protects organizations from advanced attacks. Recognizing Active Directory's pivotal role in the network, Aorato's flagship product, DAFTM, automatically learns the behaviors of all entities engaging directly, or indirectly, with Active Directory. By profiling the entities, DAFTM builds an interaction graph between all entities in order to detect in real-time suspicious entity behavior. Aorato is backed by strategic investors, including Eric Schmidt (Innovation Endeavors), Accel Partners, and the founders of Imperva and Trusteer.

Contact
Idan Plotnik
+1(866)-978-0277
[email protected]

SOURCE Aorato

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, will discuss how given the magnitude of today's applicati...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r...
Digital transformation is changing the face of business. The IDC predicts that enterprises will commit to a massive new scale of digital transformation, to stake out leadership positions in the "digital transformation economy." Accordingly, attendees at the upcoming Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA, Oct 31-Nov 2, will find fresh new content in a new track called Enterprise Cloud & Digital Transformation.
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp emp...
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, will go over the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, applicatio...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
Data scientists must access high-performance computing resources across a wide-area network. To achieve cloud-based HPC visualization, researchers must transfer datasets and visualization results efficiently. HPC clusters now compute GPU-accelerated visualization in the cloud cluster. To efficiently display results remotely, a high-performance, low-latency protocol transfers the display from the cluster to a remote desktop. Further, tools to easily mount remote datasets and efficiently transfer...
Though cloud is the future of enterprise computing, a smooth transition of legacy applications and systems is critical for seamless business operations. IT professionals are eager to start leveraging the cost, scale and other benefits of cloud, but with massive investments already in place in existing infrastructure and a number of compliance and resource hurdles, it can be challenging to move to a cloud-based infrastructure.
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere delivers a more modern architectural approach to storage that doesn't require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbui...
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...