Stolen Vendor Credentials Responsible for Target Breach

Stolen Vendor Credentials Responsible for Target Breach

If I’ve said it once, I’ll say it a thousand times again. Today’s hackers are a highly intelligent, sophisticated bunch of people. Advanced hackers often take advantage of low-level employees or outside vendors, moving laterally through networks to gain access to valuable data.

"Technology vendors aren't your typical remote users,” said Jeff Swearingen, co-founder and CEO of SecureLink. “One vendor may have thousands of technicians that require access on a revolving basis. Login credentials issued to Todd on Tuesday may be used by Wendy on Wednesday and so on – with access to a company's most sensitive data.”

With thousands of technicians, it’s quite possible that suave hackers can persuade at least one of them to hand over their login credentials.

Stolen Vendor Credentials Responsible for Target BreachMost of us are familiar with the whole Target hack debacle, and according to media sources, Target’s investigation to determine the responsible party has led them to a stolen vendor’s credentials as a source of access.

Target hasn't revealed how the credentials were stolen or which outlet was used, but this particular portal does have limited access to Target’s computer systems during the remainder of the investigation. Target did say that the hacker’s used a system that was not related to payment areas, but it’s still unknown how exactly the hackers moved from an unrelated platform to Target’s point-of-sale devices.

"Hackers are intelligent and sophisticated, so it's not unreasonable to think that even a well-run organization could be a victim," noted Swearingen.

What can organizations do to help prevent this type of victimization?

“Successful management of vendor remote access starts with a policy recognizing the difference between your internal users and your vendors,” explained Swearingen. “It eliminates shared logins, restricts access to required privileges only, protects admin credentials and audits all activity in real-time at the individual user level.”

I wonder if Target is considering implementing such a strategy for future management of vendor remote access.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.